Home arrow MySQL arrow Page 4 - MySQL Security Overview

Testing Web Forms - MySQL

When should you start to worry about MySQL security? When you start to use the MySQL server over an Internet connection. Why? Because that is when your MySQL server is going to be the most vulnerable to all kinds of attacks, such as alterations and denial of service.

TABLE OF CONTENTS:
  1. MySQL Security Overview
  2. Passwords
  3. Data transmission
  4. Testing Web Forms
By: Leidago
Rating: starstarstarstarstar / 23
November 27, 2006

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

Make sure that your scripts have all the safeguards in place when dealing with user input no matter how trivial the data in your database might seem. To test whether your web forms are properly protected, enter ''' into your web form. If you get any kind of MySQL error, then you should look at your scripts and try to work it out, because it may be a vulnerability that you cannot afford to have when using MySQL over the Internet.

Enter random characters, special symbols and spaces in fields that are meant to be numeric. If you see a MYSQL error, it means that your script passes unchecked values to your MySQL query. This is very dangerous and should not happen.

Data escaping and data filtering is very important when dealing with databases, and different scripting languages offer different functions to help escape form data. Some of the functions offered by PHP include mysql_escape_string(), addslashes() and stripslashes(). Other programming languages will have their own like Perl's "quote()".

Conclusion

This article talked about the general guidelines that you need to follow in order to make MySQL as safe as possible. This is by no means a exhaustive list of guidelines, but it will make your MYSQL server more secure. In future articles we will discuss the MySQL Privilege System.



 
 
>>> More MySQL Articles          >>> More By Leidago
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

MYSQL ARTICLES

- Oracle Unveils MySQL 5.6
- MySQL Vulnerabilities Threaten Databases
- MySQL Cloud Options Expand with Google Cloud...
- MySQL 5.6 Prepped to Handle Demanding Web Use
- ScaleBase Service Virtualizes MySQL Databases
- Oracle Unveils MySQL Conversion Tools
- Akiban Opens Database Software for MySQL Use...
- Oracle Fixes MySQL Bug
- MySQL Databases Vulnerable to Password Hack
- MySQL: Overview of the ALTER TABLE Statement
- MySQL: How to Use the GRANT Statement
- MySQL: Creating, Listing, and Removing Datab...
- MySQL: Create, Show, and Describe Database T...
- MySQL Data and Table Types
- McAfee Releases Audit Plugin for MySQL Users

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: