Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Detect SQL injection and Prevent SQL injection.
- Thread starter tekpr00
- Start date
SantaMufasa
Technical User
Tekpr00,
Oracle Firewall (click this link) is a product that can (if configured properly) both detect and prevent SQL injections. As is always the case with Oracle products, prices may vary.
![[santa]](/data/assets/smilies/santa.gif "[santa] [santa]")
Mufasa
(aka Dave of Sandy, Utah, USA)
“People may forget what you say, but they will never forget how you made them feel.
Oracle Firewall (click this link) is a product that can (if configured properly) both detect and prevent SQL injections. As is always the case with Oracle products, prices may vary.
Mufasa(aka Dave of Sandy, Utah, USA)
“People may forget what you say, but they will never forget how you made them feel.
- Thread starter
- #3
![[sunshine]](/data/assets/smilies/sunshine.gif "[sunshine] [sunshine]")
but don't let it go unsaid that the obvious answer is to use a stored procedure interface - that guarantees that SQL injection will never occur.
Failing that, use sql statements with bind variables.
Cut it off at source, don't try to catch it once it's happened.
Regards
T
Failing that, use sql statements with bind variables.
Cut it off at source, don't try to catch it once it's happened.
Regards
T
- Thread starter
- #6
- Status
Similar threads
- Locked
- Question