Skip to main content

How to Avoid Sql-injection :-

Principle

Implementation

Never trust user input

Validate all textbox entries using validation controls, regular expressions, code, and so on

Never use dynamic SQL

Use parameterized SQL or stored procedures

Never connect to a database using an admin-level account

Use a limited access account to connect to the database

Don't store secrets in plain text

Encrypt or hash passwords and other sensitive data; you should also encrypt connection strings

Exceptions should divulge minimal information

Don't reveal too much information in error messages; use customErrors to display minimal information in the event of unhandled error; set debug to false
Labels:

Comments

Post a Comment

Popular posts from this blog

IIS, There was an error when trying to connect. Do you want to retype your credentials and try again?

IIS 8 error on windows server 2012 insufficient permission There was an error when trying to connect. Do you want to retype your credentials and try again? Details: Filename: \?\C:Windows\system32\inetsrv\config\redirection.config Error: Cannot read configuration file due to insufficient permissions screenshot: Solution: Steps to short out this issue: go to C:\Windows\Microsoft.Net\Framework64\v2.0.50727\CONFIG\machine.config here you got the redirection tag like the below <configurationredirection enabled="true" password="[enc:IISCngProvider:X0ObCWwZ4+PrTHiFVPtzFeCcL8u5P6KUOYfo1/0QrgZWATA5pKWqHvD8nL2crNJKyyqr4z/rBdLPjdRcaLxAMMj4l+lvp5EXXKSXueolvyGa34F4QZfbBVCM6oVNcq3M368TOTVjJv4POVFQWvu0MDVlGgReglXB+Lw5BRI4Htw=:enc]" path="C:\Windows\System32\inetsrv\config\import\" username="Administrator"> </configurationredirection"></li"> you need to change this to <configurationRedirection /> Th...
1 comment
Read more

Plesk - Upgrade the .net Framework to 4.7.2 OR 4.8

 Steps to Upgrade the .net Framework to 4.7.2 OR 4.8 1. First Download the .NET Framework from https://dotnet.microsoft.com/download/dotnet-framework   2. Install on the Server. 3. Login to the Plesk and go to "Tools & Settings" > "Server Components" and refresh the components using the refresh button 4. After update, it will reflect in "Web Script" section at the server component page. All done!!!
Post a Comment
Read more