.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
 
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
david stephan

Home >> Interview Question >> Sql Server >> Post New Question Subscribe to Interview Questions

What is SQl injection?

Posted By :nishithraj     Posted Date :March 29, 2010    Points :10   Category :Sql Server 
SQl injection is a form of attack on a database-driven Web site. it happens by the attacker executes unauthorized SQL commands by taking advantage of insecure code on a system connected to the Internet, bypassing the firewall. Through the SQl injection, data can be stealed from the database. Also application can be crashed in some scenarios.

You can also find related Interview Question to What is SQl injection?  below: 

What is SQl injection ?

  
It is a Form of attack on a database-driven Web site in which the attacker executes unauthorized SQL commands by taking advantage of insecure code on a system connected to the Internet, bypassing the firewall. SQL injection attacks are used to steal information from a database from which the data would normally not be available and/or to gain access to an organization's host computers through the computer that is hosting the database.

SQL injection attacks typically are easy to avoid by ensuring that a system has strong input validation.

As name suggest we inject SQL which can be relatively dangerous for the database.

Example this is a simple
SQL SELECT email, passwd, login_id, full_name FROM members WHERE email = ''x''

Now somebody does not put "x" as the input but puts "x ; DROP TABLE members;".

So the actual SQL which will execute is :-
SELECT email, passwd, login_id, full_name FROM members WHERE email = ''x'' ; DROP TABLE members; (More...)

What is sql injection?

  
SQL Injection is not a thing to implement
its infact a security attack, the most common form is, you provide the attributes
of the query in URL or some field (e.g. text box), so others can
inject their own sql in the URL, or in the text box, hence, when ur page will
do post back, it can do any thing with the SQL database using any SQL statement (More...)

What is Dependency Injection?

  
It is the mechanism through with dynamic capabilities are added in the runtime. Most of the time it would be through proxy classes.

Some frameworks in this regard are:
Spring.Net, NInject, Enterprise Library Policy Injection etc. (More...)

Quick Links For Interview Questions Categories:
ASP.Net Windows Application   .NET Framework   C#   VB.Net   ADO.Net  
Sql Server   SharePoint   Silverlight   OOPs   JQuery   JavaScript/VBScript
Biztalk Patten/Practices .IIS WCF WPF WWF
Networking Aptitude Others   All      

Find questions, FAQ's and their answers related to .NET, C#, Vb.Net, Sql Server and many more.

 
Now you can find lots of .NET, C#, Vb.Net, SQL Server,Windows, ASP.Net related Questions and their Answers here at www.dotnetspark.com. Our aim is to help you pass your certification Exams (MCP, MCSD, MCAD etc.,) with flying scores and get good name in your company.

So, Start looking our Interview Question section daily and improve your .NET Skills. You can also help others by posting Interview Questions and their Answers in this section.


Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend