Thread: Security in PHP
View Single Post
  #45 (permalink)  
Old 03-27-2008, 01:20 AM
Jeyaseelansarc Jeyaseelansarc is offline
D-Web Genius
  
Join Date: Mar 2007
Location: Chennai
Posts: 1,162
Jeyaseelansarc is on a distinguished road
Send a message via AIM to Jeyaseelansarc
Default Re: Security in PHP
SQL UPDATE's are also susceptible to attack. These queries are also threatened by chopping and appending an entirely new query to it. But the attacker might fiddle with the SET clause. In this case some schema information must be possessed to manipulate the query successfully. This can be acquired by examining the form variable names, or just simply brute forcing. There are not so many naming conventions for fields storing passwords or usernames.
__________________
With,
J. Jeyaseelan
Everything Possible
Reply With Quote