Jump to content

being wary of sql injection or other forms of hacking


Gilbert
 Share

Recommended Posts

Not sure what topic to post this under.   I've read a bunch about sql injection and have done all the testing for bad input when building forms and input devices, but then I thought what if you display an alpha-numeric pad for a person to enter the data.   I figured you have complete control over the input  by processing each character as they are entered and then using a php file to process the end result.   Basically there is no place for a hacker to enter a sql string with slashes or whatnot.   I'd like to hear what pitfalls there are with this type of approach and what injections or hacking might be tried if I used something like this.  Would there be an article someone could point me toward concerning this and how to avoid trouble (not just sql injection, as I've said I've read a bunch, but other standard forms of hacking).   Thank you very much!  I forgot to mention that my idea of an alpha-numeric pad is to have just A-Z, 0-9 and a button for spacebar, bckspc and enter.

Edited by Gilbert
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...