Types of SQL injections

 
Yuvan Asav
Greenhorn
Posts: 3
How many types of SQL injections are there?
 
Stephan van Hulst
Saloon Keeper
Posts: 7932
143
  • Likes 1
I'm not sure what you mean by "type of SQL injection". How do you distinguish between two different types?
 
Ryan McGuire
Ranch Hand
Posts: 1143
9
  • Likes 2
Does this help? https://en.wikipedia.org/wiki/SQL_injection
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 66263
151
 
Dana Ucaed
Ranch Hand
Posts: 405
6
Great explanation.
 
Brian Tkatch
Bartender
Posts: 598
26
  • Likes 1
There is only one type of injection, that is, using a value for something other than a value. There is (basically) only one way to protect against this, and that is to always use bind variables for passed values.

There are some variants that might be considered another "type" of injection, but they all boil down to the same thing anyway. Just don't use dynamic SQL.
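The point in the post above, that injection is a value being used as something other than a value, shown as an added example that is not part of this thread: the same user-supplied string is passed once by string concatenation (dynamic SQL) and once as a bind variable. It goes one step beyond the post by also covering the one place a bind variable cannot be used, a column name chosen at runtime, where the only safe option is an allowlist of known identifiers. The in-memory SQLite database, the `users` table and its columns, and the sample rows are assumptions constructed for the demo.

```python
"""Added example, not from the CodeRanch thread: one injection, two defences.

Uses the standard-library sqlite3 module with an in-memory database. The
users table, its columns and the three rows are constructed sample data.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: a users table with three rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, name: str) -> list:
    """Dynamic SQL: the input is spliced into the statement text, so it can
    change the statement's structure instead of being compared as a value.
    With name = "' OR '1'='1" the statement becomes
        SELECT name FROM users WHERE name = '' OR '1'='1'
    and every row comes back."""
    sql = f"SELECT name FROM users WHERE name = '{name}'"
    return [row[0] for row in conn.execute(sql)]


def find_user_bound(conn: sqlite3.Connection, name: str) -> list:
    """Bind variable: the statement text is fixed before the input is seen.
    The driver sends the input as data, so the same payload is just a name
    that no row has and the result is empty."""
    sql = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


# Identifiers (table and column names) are not values and cannot be bound.
# Assumed allowlist for the demo: the only columns a caller may sort by.
SORTABLE_COLUMNS = frozenset({"id", "name", "role"})


def list_users_sorted(conn: sqlite3.Connection, column: str) -> list:
    """The one legitimate use of dynamic SQL here: the column name is chosen
    from a fixed set of known identifiers, never taken from the raw string,
    so anything outside the allowlist is rejected before it reaches SQL."""
    if column not in SORTABLE_COLUMNS:
        raise ValueError(f"unsupported sort column: {column!r}")
    sql = f"SELECT name FROM users ORDER BY {column}"
    return [row[0] for row in conn.execute(sql)]


if __name__ == "__main__":
    db = make_db()
    payload = "' OR '1'='1"
    print("vulnerable:", find_user_vulnerable(db, payload))
    print("bound:     ", find_user_bound(db, payload))
    print("sorted:    ", list_users_sorted(db, "name"))
    try:
        list_users_sorted(db, "name; DROP TABLE users")
    except ValueError as exc:
        print("rejected:  ", exc)
```

Running the block prints all three names for the vulnerable query, an empty list for the bound one, and a `ValueError` for the attempted identifier injection. Escaping quotes instead of binding is not equivalent: it has to be redone for every database's quoting rules and still does nothing for the identifier case, whereas the bind variable removes the problem by construction.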
 
Peter Rooke
Ranch Hand
Posts: 897
7
I'm guessing you're asking about parameter substitution when using dynamic SQL which is run within a cursor? I think it would depend upon the database product that you are using?

Informix had a nice feature allowing you to bind form variables to SQL cursors: Construct By Name - Informix 4GL.

In Sybase and PowerBuilder I recall there were four main types of dynamic cursors (Dynamic SQL). I'm guessing that this still applies to SQL Server since Micro$wipe "based" their product on Sybase AS.

I recall some horrific outsourced code I had the misfortune of modifying, a lot of nasty code that defined a type 4 SQLDA dynamic cursor. Using SQLDA you are allowed to define a cursor in which the input parameters and types and the result set and types are not defined until the query runs. Just because you can does not mean you should, however.
 