摘要
随着互联网技术的高速发展,基于B/S模式的W eb应用程序得到了广泛的应用,当这些W eb应用程序没有对接收到的数据进行合法性审查过滤时,系统便存在安全隐患.SQL注入正是利用了这一漏洞对数据库进行攻击的.文章研究了原理,并就对其如何防范讨论了几种方法.
With the rapid development of Internet technology, the B/S - based Web application has been widely used. When these Web applications do not check or filter the input data from the clients, the system will pose a safety hazard from such attacks as from the SQL injection over its vulnerability. After exploring the principle of SQL injection attacks, the paper comes up with several countermeasures against such attacks.
出处
《绍兴文理学院学报》
2010年第10期64-68,共5页
Journal of Shaoxing University
关键词
SQL注入
攻击
防范
SQL injection
attacks
prevention
