SQL Injection and Ruby - Ruby Programming

Rank: 1

1^# Jump to »

MarbinPost at 2010-5-14 21:43 | Show This Author's Posts Only

abstract:

I found a page in where someone says that the parameters will be somewhat "sanitized".
The question is:
What he mean by sanitized, in which way the parameters are going to be filtered?

I searched a lot in the internet about SQL Injection + Ruby
But I never found an article that can explain me something clearly.
I know that the following approach will help reduce SQL Injection attacks.
User.find(:first, :conditions => ["login = ? AND password = ?", params[:name],
params[

assword]])
I found a page in where someone says that the parameters will be somewhat "sanitized".
The question is:
What he mean by sanitized, in which way the parameters are going to be filtered?

Author Hot threads

TOP

Newbie

Rank: 1

2^#

MarbinPost at 2010-5-14 21:43 | Show This Author's Posts Only

I know all that of how SQL Injection is performed but anyway you clear my doubt.
It was simple by using that Ruby procedure that you mention at the end of your reply it will clean unwanted characters from the string.
Thanks.

TOP

Newbie

Rank: 1

3^#

gfcnmjvbw38Post at 2011-12-28 00:44 | Show This Author's Posts Only

贴贴推一下团队QQ:786748447 1分钱一贴

贴贴推一下团队QQ:786748447  1分钱一贴

发5000个高人气论坛仅需10圆钱保证搜索引擎当天收录！
把您需要发布的信息内容给我我为您在各大高人气论坛发布推广
10圆钱发5000个高人气论坛！1000贴！
10圆钱限一篇文章！发到5000个论坛发1000帖子！
保证百度当天收录！查看发帖效果请于隔天上百度搜索帖子标题！
郑重声明：办理发帖业务的只有这一个QQ:786748447
诚信交易  保证发帖质量联系QQ:786748447
把你要发的内容给我！支付宝即时到帐或银行卡付款款到即发  必须先付款！
本人全天在线！业务介绍都在我发布的宣传内容里！加完本人QQ后你所要做的：一把你要发的内容给我！二告诉我你的付款方式！三付款！

[i]I found a page in where someone says that the parameters will be somewhat "sanitized".
The question is:
What he mean by sanitized, in which way the parameters are going to be filtered?[/i]

TOP

Back Forum

Author Hot threads

贴贴推一下团队QQ:786748447 1分钱一贴

[Favorite Topic] [Add to My attention, if there is a New Reply]

[Through QQ, MSN Send to a friend]