solomon kariri solomonkariri at gmail.com
Actually I dont why Im always the person to get these funny things. I think
whatever the case is, you should never display to the end user the results
of an sql error as it might expose some information about the structure of
the database. As in imagine a message like this [MySQL][Version 1.5] there
is an error in your sql. Please check the manual for the correct syntax to
use near 'username='whateveruproviede',access_level=3'. I was just
wondering. From the response Im sure you can tell what database they are
using because the nature of the messages is usually characteristic of
certain database management system.
--------------------
Dude, When I get there, I'm sure will exchange some views with you because seems you are talking of exploits in sql.
But the basics of any application design ( my world at the moment ) or web design ( future world ):
- Forms ; capture, edit and query data
- Db : store data
Db access needs I think 2 ports open in udp. The exploits are on all DB platforms or just one?
--
"always a student @ heart....? "