Link to home
Start Free TrialLog in
Avatar of martin2311
martin2311

asked on

sql injections

Hey guys m new to developing can i know how can i find sql injection errors from the script and fix them?

like i have source codes of many websites which include normal blogs to commerce sites i want to know how can i find where possible sql injection error could be by opening the php files in notepad or any other editor????

database can be any mysql mssql
ASKER CERTIFIED SOLUTION
Avatar of Cornelia Yoder
Cornelia Yoder
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of martin2311
martin2311

ASKER

well there are hell of files how to check in each and every file? any easy way around?
not really... if you want to rely on magic quotes you can turn them on while you work your way through each files (it's not a 100% foul's proof though but it is "automatic"). In the long run however I advise you to encapsulate your DB logic in a few classes and do the necessary security checks there:
http://php.net/manual/en/security.magicquotes.php

if you want something 100% secure you will have to edit most of your pages anyway, especially if security was not taken into account during the development process. You might also want to look at PHP frameworks that comes with secure database classes
SOLUTION
Avatar of Olaf Doschke
Olaf Doschke
Flag of Germany image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
well i said me new i meant new in finding errors i know php and web development but m not good in finding errors are there any good tools to find web app errors free one ? like i make a local server and test them that way
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.