SQL injection: comparison of prevention strategies for PHP / Mohd Fairuz Abdul Jalil
Since 2002, over 10% of total cyber vulnerabilities were SQL injection vulnerabilities. Since most developers are not experienced software security practitioners, a solution for correctly fixing SQL injection vulnerabilities that does not require security expertise is desirable. By using SQL injecti...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: |
2008
|
Subjects: | |
Online Access: | https://ir.uitm.edu.my/id/eprint/66071/1/66071.pdf https://ir.uitm.edu.my/id/eprint/66071/ |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my.uitm.ir.66071 |
---|---|
record_format |
eprints |
spelling |
my.uitm.ir.660712022-09-14T06:25:25Z https://ir.uitm.edu.my/id/eprint/66071/ SQL injection: comparison of prevention strategies for PHP / Mohd Fairuz Abdul Jalil Abdul Jalil, Mohd Fairuz Programming languages (Electronic computers) PHP Since 2002, over 10% of total cyber vulnerabilities were SQL injection vulnerabilities. Since most developers are not experienced software security practitioners, a solution for correctly fixing SQL injection vulnerabilities that does not require security expertise is desirable. By using SQL injection attacks, an attacker could thus obtain and/or modify confidential/sensitive information. SQL injection attacks take advantage of code that does not filter input that is being entered directly into a form. Susceptible applications are applications that take direct user input and then generate dynamic SQL that is executed via back-end code. Objectives of the research are to indentify weakness in current website, identify the prevention strategies, applying malicious code to PHP framework which is Joomla 1.0.15 and eZ Publish 4.0.0 and finally identify whether SQL prevention strategies have been applied. As for the results, both framework have applied the SQL injections prevention strategies and not allowing SQL injection to occur. 2008 Thesis NonPeerReviewed text en https://ir.uitm.edu.my/id/eprint/66071/1/66071.pdf SQL injection: comparison of prevention strategies for PHP / Mohd Fairuz Abdul Jalil. (2008) Degree thesis, thesis, Universiti Teknologi MARA (UiTM). |
institution |
Universiti Teknologi Mara |
building |
Tun Abdul Razak Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Teknologi Mara |
content_source |
UiTM Institutional Repository |
url_provider |
http://ir.uitm.edu.my/ |
language |
English |
topic |
Programming languages (Electronic computers) PHP |
spellingShingle |
Programming languages (Electronic computers) PHP Abdul Jalil, Mohd Fairuz SQL injection: comparison of prevention strategies for PHP / Mohd Fairuz Abdul Jalil |
description |
Since 2002, over 10% of total cyber vulnerabilities were SQL injection vulnerabilities. Since most developers are not experienced software security practitioners, a solution for correctly fixing SQL injection vulnerabilities that does not require security expertise is desirable. By using SQL injection attacks, an attacker could thus obtain and/or modify confidential/sensitive information. SQL injection attacks take advantage of code that does not filter input that is being entered directly into a form. Susceptible applications are applications that take direct user input and then generate dynamic SQL that is executed via back-end code. Objectives of the research are to indentify weakness in current website, identify the prevention strategies, applying malicious code to PHP framework which is Joomla 1.0.15 and eZ Publish 4.0.0 and finally identify whether SQL prevention strategies have been applied. As for the results, both framework have applied the SQL injections prevention strategies and not allowing SQL injection to occur. |
format |
Thesis |
author |
Abdul Jalil, Mohd Fairuz |
author_facet |
Abdul Jalil, Mohd Fairuz |
author_sort |
Abdul Jalil, Mohd Fairuz |
title |
SQL injection: comparison of prevention strategies for PHP / Mohd Fairuz Abdul Jalil |
title_short |
SQL injection: comparison of prevention strategies for PHP / Mohd Fairuz Abdul Jalil |
title_full |
SQL injection: comparison of prevention strategies for PHP / Mohd Fairuz Abdul Jalil |
title_fullStr |
SQL injection: comparison of prevention strategies for PHP / Mohd Fairuz Abdul Jalil |
title_full_unstemmed |
SQL injection: comparison of prevention strategies for PHP / Mohd Fairuz Abdul Jalil |
title_sort |
sql injection: comparison of prevention strategies for php / mohd fairuz abdul jalil |
publishDate |
2008 |
url |
https://ir.uitm.edu.my/id/eprint/66071/1/66071.pdf https://ir.uitm.edu.my/id/eprint/66071/ |
_version_ |
1744357251509911552 |
score |
13.160551 |