Voodoo Jai Posted October 9, 2008 Share Posted October 9, 2008 If I have the genereal public access my db with a user that has only view access rights, does this mean that an SQL injection could not happen. Or is an injection only possible with a user that has been granted more than just view right to the database. Many thanks VoodooJai Quote Link to comment Share on other sites More sharing options...
Maq Posted October 9, 2008 Share Posted October 9, 2008 Or is an injection only possible with a user that has been granted more than just view right to the database. SQL injections can be performed with just view only, it's being injected into your code. Please read: SQL Injections Quote Link to comment Share on other sites More sharing options...
taichimasta Posted October 9, 2008 Share Posted October 9, 2008 I'm still a novice , but I'm sure a sql injection can be made when any query isn't sanitized/protected. I'm working on something similar so everything and anything that access my database gets protected/escaped/e.t.c. I could be wrong tho have only been working oh php/mysql for a few years. Quote Link to comment Share on other sites More sharing options...
Maq Posted October 9, 2008 Share Posted October 9, 2008 a few years should be enough to know how to prevent injections. Anyway there r plenty of examples of how to prevent these types of attacks. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.