Hardware Secrets

Testing the Security of Your Website – Part 3

In this part of our “Testing the Security of Your Website” series, we will cover data manipulation and SQL injections.


Data Manipulation

Contents

  • 1. Data Manipulation
  • 2. SQL Injection
  • 3. Preventing SQL Injections

Some programmers trust that users will access a webpage the way the developer intended. What if the user tries to manipulate and change variables? What will happen? This is something you must test on your website.

This subject is better explained through examples. Let’s say you have an online store where the user can see his order through a link such as https://www.yoursite.com/orders.php?id=12345. What happens if the user tries to change his order number to a different number in the URL? Will he be able to see orders posted by other clients? In a well-designed script, the user will only be able to see his own orders, and the script will give an error message if the user tries to manually manipulate the variable.

In another example, let’s say you have a website with a link such as https://www.yoursite.com/article.php?id=12345, which we assume displays article number 12345 from your database. What happens if the user tries to change the variable to the number of an article that does not exist? In a well-designed script, an error message will be displayed, whereas in a poorly designed script the page will be displayed with the text missing, which is not desirable.
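Both cases above, as an added example that is not from the original article: a Python sketch with an in-memory SQLite database (the URLs suggest PHP, but the checks are the same in any language). The table layout, function names and sample rows are assumptions constructed for the illustration.

```python
import sqlite3

def make_db():
    """Constructed sample data: two customers' orders and one article."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE orders (id INTEGER PRIMARY KEY, customer_id INTEGER, item TEXT);
        CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT);
        INSERT INTO orders VALUES (12345, 1, 'keyboard'), (12346, 2, 'mouse');
        INSERT INTO articles VALUES (12345, 'Sample article');
    """)
    return db

def parse_id(raw):
    """Accept only a short, plain decimal id taken from the URL."""
    if isinstance(raw, str) and raw.isascii() and raw.isdigit() and len(raw) <= 9:
        return int(raw)
    return None

def view_order_trusting(db, raw_id):
    """Poorly designed: shows whatever order the URL names, to anyone."""
    row = db.execute("SELECT item FROM orders WHERE id = ?", (int(raw_id),)).fetchone()
    return (200, row[0] if row else "")  # page with the text missing

def view_order(db, session_customer_id, raw_id):
    """Well designed: the order must exist AND belong to the logged-in customer.
    session_customer_id comes from the server-side session, never from the URL."""
    order_id = parse_id(raw_id)
    if order_id is None:
        return (400, "Invalid order number")
    row = db.execute(
        "SELECT item FROM orders WHERE id = ? AND customer_id = ?",
        (order_id, session_customer_id)).fetchone()
    if row is None:
        # Same answer for "not yours" and "does not exist", so the
        # response does not reveal which order numbers are in use.
        return (404, "Order not found")
    return (200, row[0])

def view_article(db, raw_id):
    """Well designed: a missing article gives an error page, not a blank one."""
    article_id = parse_id(raw_id)
    if article_id is None:
        return (400, "Invalid article number")
    row = db.execute("SELECT title FROM articles WHERE id = ?", (article_id,)).fetchone()
    return (200, row[0]) if row else (404, "Article not found")
```

When testing your own site, the equivalent check is to log in as one test account and request an order number that belongs to a second test account: the response should match `view_order`, not `view_order_trusting`.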

And what happens if the user tries to manipulate the variable in a more drastic way? That is our next subject.

Copyright © 2022 · All rights reserved - Hardwaresecrets.com