SQL injection attack is very easy to implement intrusion detection, Attacker through the webpage address into the entrance, constructs a SQL statement, illegal access to the web resources. This paper introduces the SQL is injected into the formation reasons, SQL injection methods, to prevent SQL injection of several common measures, gives a general SQL prevent implantation procedure..% SQL注入攻击是一种很容易实现的入侵方式,攻击者通过检测网页地址的注入入口,构造SQL语句,非法获取网站资源。文章介绍了SQL注入形成的原因、检测方法,防止SQL注入的几种常见的措施,结合实际给出了一个SQL通用防注入的程序。
展开▼