Part 3 (final) – Input validation technique for SQL injection attack.
A SQL injection attack relies on malicious input. The simplest and best approach is to restrict the input’s type, format, and length.
For example, we can limit the birthdate field in a web form to six numeric digits. This restrains attackers from injecting a long malicious SQL query.
Another way to look at it is as predefined shapes. If we want to capture only triangles, squares and circles, it doesn’t make sense to provide options for other shapes such as stars, ellipses and cylinders.
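The six-digit birthdate check described above, written out as an added example (not code from the original post). It assumes the digits are laid out as DDMMYY; the function name and sample inputs are constructed for illustration.

```python
import re
from datetime import date, datetime

# Assumption: the six digits are DDMMYY; the post only says six numeric digits.
# [0-9] is spelled out because \d and str.isdigit() also accept non-ASCII digits.
BIRTHDATE_RE = re.compile(r"[0-9]{6}")


def parse_birthdate(raw, today=None):
    """Return a date for a valid DDMMYY string, or None if the input is rejected."""
    today = today or date.today()
    # Type: accept only str, not bytes or a list built from repeated parameters.
    if not isinstance(raw, str):
        return None
    # Length: exactly six characters, checked before any other processing.
    if len(raw) != 6:
        return None
    # Format: fullmatch, because match() with "$" would allow a trailing newline.
    if not BIRTHDATE_RE.fullmatch(raw):
        return None
    # Value: the digits must form a real calendar date (31 February is rejected).
    try:
        parsed = datetime.strptime(raw, "%d%m%y").date()
    except ValueError:
        return None
    # strptime maps years 00-68 to 20xx; a birthdate cannot lie in the future,
    # so such a result is moved back one century.
    if parsed > today:
        try:
            parsed = parsed.replace(year=parsed.year - 100)
        except ValueError:  # 29 February 1900 does not exist
            return None
    return parsed


# Constructed sample inputs: one valid value and several that must be rejected.
SAMPLES = ["010190", "310299", "1 OR 1", "1' OR '1'='1", "010190\n",
           "\u0660\u0661\u0660\u0661\u0669\u0660"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), "->", parse_birthdate(sample))
```

Only the parsed date object, never the raw string, should be passed on to the database layer.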