Programming Forums - View Single Post

jsilver608 · Nov 5th, 2006, 8:14 PM

You can test it out by putting in ' or " and direct sql statements to see if it affects your data.

You could just put in a ' in your input fields and if you get an error back like this (then you are vulnerable):

"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax' at line X"

Nov 5th, 2006, 8:14 PM	#3
jsilver608 Newbie Join Date: Oct 2006 Posts: 20 Rep Power: 0	You can test it out by putting in ' or " and direct sql statements to see if it affects your data. You could just put in a ' in your input fields and if you get an error back like this (then you are vulnerable): "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax' at line X" __________________ High Performance PHP http://www.whenpenguinsattack.com