SQL Injection ????

Blogger : MSDN Blogs
All posts : All posts by MSDN Blogs
Category : SAPscript
Blogged date : 2008 May 26

SQL Injection(????)??????

??????????

1. ????????????????,????????????????

2. ??<script>???????????SQL??????????????????

3. ?????????????????????????????????,?Microsoft MS06-014, ????????,(?????????????????)???????????????

4. ?????????IE????????,?????????SQL???????,?????????????<script>?? ????????????????

5. ???????????????????,????,?????Microsoft??????????????,?????????????

SQL Injection(????)?????????

??web?????SQL????,???????:

1?????

2???IIS??,?????????????????

3???web???,?????ASP???

??????????????,??????SQL Injection?????????????????????????????????,???“??SQL Injection(????)???????”?

??SQL?????????

??SQL Injection???????????????????????????????,??????????????????????,??????????????????

???????????????????????????,???SQL Injection(????)???

???????SQL Injection????????????????:

http://msdn2.microsoft.com/en-us/magazine/cc163917.aspx

SQL ????

http://msdn.microsoft.com/zh-tw/library/ms161953.aspx

??????SQL Injection????????

http://www.microsoft.com/taiwan/sql/SQL_Injection.htm

SQL Injection (????)– ??? SQL????(?)

http://www.microsoft.com/taiwan/sql/SQL_Injection_G1.htm

SQL Injection (????)– ??? SQL????(?)

http://www.microsoft.com/taiwan/sql/SQL_Injection_G2.htm

How To - Protect from Injection Attacks in ASP.NET

http://msdn.microsoft.com/en-us/library/bb355989.aspx

How To - Protect from SQL Injection in ASP.NET

http://msdn.microsoft.com/en-us/library/ms998271.aspx

How To - Protect from Cross-Site Scripting in ASP.NET

http://msdn.microsoft.com/en-us/library/ms998274.aspx

Design Guidelines

http://msdn.microsoft.com/en-us/library/aa302420.aspx

Arch/Design Inspection

http://msdn.microsoft.com/en-us/library/aa302421.aspx

????????,???????????????????????????????????????????

??,SQL Injection ???? MS SQL Server ????,????????????????????????

Read comments or post a reply to : SQL Injection ????