• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Hardware Secrets

Hardware Secrets

Uncomplicating the complicated

  • Case
  • Cooling
  • Memory
  • Mobile
    • Laptops
    • Smartphones
    • Tablets
  • Motherboard
  • Networking
  • Other
    • Audio
    • Cameras
    • Consumer Electronics
    • Desktops
    • Museum
    • Software
    • Tradeshows & Events
  • Peripherals
    • Headset
    • Keyboard
    • Mouse
    • Printers
  • Power
  • Storage
  • Video

Testing the Security of Your Website – Part 3

On this part of our “Testing the Security of Your Website” series, we will cover data manipulation and SQL injections.

Home » Testing the Security of Your Website – Part 3

Data Manipulation

Contents

  • 1. Data Manipulation
  • 2. SQL Injection
  • 3. Preventing SQL Injections

Some programmers trust that users will access a webpage the way the developer intended. What if the user tries to manipulate and change variables? What will happen? This is something you must test on your website.

This subject is better explained through examples. Let’s say you have an online store where the user can see his order through a link such as https://www.yoursite.com/orders.php?id=12345. What happens if the user tries to change his order number to a different number on the URL? Will he be able to see orders posted by other clients? In a well-designed script, the user will only be able to see his own orders, and give an error message if the user tries to manually manipulate the variable.

On another example, let’s say you have a website with a link such as https://www.yoursite.com/article.php?id=12345, which we assume displays article number 12345 from your database. What happens if the user tries to change the variable to a number of an article that does not exist? On a well-designed script, it will display an error message, whereas on a poorly designed script the page will be displayed with the text missing, which is not desirable.

And what happens if the user tries to manipulate the variable in a more drastic way? That is our next subject.

Continue: SQL Injection

Networking Tutorials

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

As a participant in the Amazon Services LLC Associates Program, this site may earn from qualifying purchases. We may also earn commissions on purchases from other retail websites.

How to Avoid Scams on Facebook Marketplace Once and For All

Social media scams generate more than 770 million US dollars in losses in the US alone, and it’s … [Read More...] about How to Avoid Scams on Facebook Marketplace Once and For All

AMD EPYC from Zen1 to Zen4. How it will change the CPU market?

AMD, together with Intel, is one of the major processor manufacturers known in today's market. … [Read More...] about AMD EPYC from Zen1 to Zen4. How it will change the CPU market?

Valorant Phoenix Tips & Tricks You Have to Know

The Phoenix character in Valorant is one of the most amazing to play. Being aggressive, Phoenix will … [Read More...] about Valorant Phoenix Tips & Tricks You Have to Know

Footer

For Performance

  • About
  • Contact
  • Articles
  • Editorials
  • First Look
  • Reviews
  • Tutorials
  • Privacy

Everything you need to know

  • Everything You Need to Know About the Dual-, Triple-, and Quad-Channel Memory Architectures
  • What You Should Know About the SPDIF Connection (2022 Guide)
  • Everything You Need to Know About the Intel Virtualization Technology
  • Everything You Need to Know About the CPU Power Management

Copyright © 2023 · All rights reserved - Hardwaresecrets.com
About Us · Privacy Policy · Contact