| 基于B/S系统的SQL注入防御技术研究 |
| |
| 引用本文: | 吴涛,张俊. 基于B/S系统的SQL注入防御技术研究[J]. 数字社区&智能家居, 2020, 0(2): 7-8 |
| |
| 作者姓名: | 吴涛 张俊 |
| |
| 作者单位: | 攀枝花学院 |
| |
| 摘 要: | 随着互联网的发展,基于Web服务器语言和后台数据库模式的网站存在安全性问题,其中SQL注入数据库是最具威胁B/S系统漏洞的攻击。该文分析了SQL注入原理及特点,研究了预防SQL注入的攻击方法,针对B/S系统的特点,提出了字段检查、注入测试、服务器加固、绑定变量和禁止字符串拼接等SQL注入的防治手段,对预防SQL注入提供了有效的方法,增加了B/S系统的安全性。
|
| 关 键 词: | SQL注入 B/S架构 WEB安全 |
Research on SQL Injection Defense Technology Based on B/S system |
| |
| WU Tao,ZHANG Jun. Research on SQL Injection Defense Technology Based on B/S system[J]. Digital Community & Smart Home, 2020, 0(2): 7-8 |
| |
| Authors: | WU Tao ZHANG Jun |
| |
| Affiliation: | (Panzhihua college,Panzhihua 617000,China) |
| |
| Abstract: | with the development of Internet,there are security problems in Web sites Based on Web server language and background da⁃tabase mode,among which SQL injection database is the most dangerous attack to B/S system vulnerability.This paper analyzes the principle and characteristics of SQL injection,studies the methods to prevent SQL injection.According to the characteristics of B/S sys⁃tem,it puts forward the prevention measures of SQL injection,such as field check,injection test,server reinforcement,binding variables and forbidding string splicing.It provides an effective method to prevent SQL injection and increases the security of B/S system. |
| |
| Keywords: | SQL injection B/S architecture Web Security |
| 本文献已被 维普 等数据库收录! |
|
