SQL injection: comparison of prevention strategies for PHP / Mohd Fairuz Abdul Jalil

Since 2002, over 10% of total cyber vulnerabilities were SQL injection vulnerabilities. Since most developers are not experienced software security practitioners, a solution for correctly fixing SQL injection vulnerabilities that does not require security expertise is desirable. By using SQL injecti...

Bibliographic Details
Main Author: Abdul Jalil, Mohd Fairuz
Format: Thesis
Language: English
Published: 2008
Subjects:
PHP
Online Access: https://ir.uitm.edu.my/id/eprint/66071/1/66071.pdf
https://ir.uitm.edu.my/id/eprint/66071/
id my.uitm.ir.66071
record_format eprints
spelling SQL injection: comparison of prevention strategies for PHP / Mohd Fairuz Abdul Jalil. (2008) Degree thesis, thesis, Universiti Teknologi MARA (UiTM).
institution Universiti Teknologi Mara
building Tun Abdul Razak Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Mara
content_source UiTM Institutional Repository
url_provider http://ir.uitm.edu.my/
language English
topic Programming languages (Electronic computers)
PHP
description Since 2002, over 10% of total cyber vulnerabilities were SQL injection vulnerabilities. Since most developers are not experienced software security practitioners, a solution for correctly fixing SQL injection vulnerabilities that does not require security expertise is desirable. By using SQL injection attacks, an attacker could obtain and/or modify confidential or sensitive information. SQL injection attacks take advantage of code that does not filter input that is entered directly into a form. Susceptible applications are applications that take direct user input and then generate dynamic SQL that is executed via back-end code. The objectives of the research are to identify weaknesses in current websites, identify the prevention strategies, apply malicious code to the PHP frameworks Joomla 1.0.15 and eZ Publish 4.0.0, and finally identify whether SQL injection prevention strategies have been applied. As for the results, both frameworks have applied SQL injection prevention strategies and do not allow SQL injection to occur.