Jump to content

being wary of sql injection or other forms of hacking

Recommended Posts

Not sure what topic to post this under.   I've read a bunch about sql injection and have done all the testing for bad input when building forms and input devices, but then I thought what if you display an alpha-numeric pad for a person to enter the data.   I figured you have complete control over the input  by processing each character as they are entered and then using a php file to process the end result.   Basically there is no place for a hacker to enter a sql string with slashes or whatnot.   I'd like to hear what pitfalls there are with this type of approach and what injections or hacking might be tried if I used something like this.  Would there be an article someone could point me toward concerning this and how to avoid trouble (not just sql injection, as I've said I've read a bunch, but other standard forms of hacking).   Thank you very much!  I forgot to mention that my idea of an alpha-numeric pad is to have just A-Z, 0-9 and a button for spacebar, bckspc and enter.

Edited by Gilbert
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...