Proposed Method to Prevent SQL Injection Attack
DOI:
https://doi.org/10.25195/ijci.v42i1.85Keywords:
SQL Injection, Network security, database securityAbstract
the internet and its websites have huge using these days. These webs may have sensitive and secret information like
military information, financial information and other important information that transfer through the networks.
Only some people have the authorization to see and access this information. So information has to transfer in secret
environment. SQL injection represents one of the most important things that thread these webs. In which unauthorized
people can access to the data and information. This paper introduces a method that can be used to prevent SQL injection
by converting the user input to static string, use this string as user input and compared with the database attributes that need
to compare with, during the runtime. The goal behind converting the input to a string is to make user input as a single
unit (one token) that cannot use as a SQL query statement. The system will call the database attribute in such away in which
user cannot access to the sql statement to do the injection. And the sql query will be empty from any input tools that can use by
user to injects the SQL.
Downloads
Downloads
Published
Issue
Section
License
IJCI applies the Creative Commons Attribution (CC BY) license to articles. The author of the submitted paper for publication by IJCI has the CC BY license. Under this Open Access license, the author gives an agreement to any author to reuse the article in whole or part for any purpose, even for commercial purposes. Anyone may copy, distribute, or reuse the content as long as the author and source are properly cited. This facility helps in re-use and ensures that journal content is available for the needs of research.
If the manuscript contains photos, images, figures, tables, audio files, videos, etc., that the author or the co-authors do not own, IJCI will require the author to provide the journal with proof that the owner of that content has given the author written permission to use it, and the owner has approved that the CC BY license being applied to content. IJCI provides a form that the author can use to ask for permission from the owner. If the author does not have owner permission, IJCI will ask the author to remove that content and/or replace it with other content that the author owns or has such permission to use.
Many authors assume that if they previously published a paper through another publisher, they have the right to reuse that content in their PLOS paper, but that is not necessarily the case – it depends on the license that covers the other paper. The author must ascertain the rights he/she has of a specific license (a license that enables the author to use the content). The author must obtain written permission from the publisher to use the content in the IJCI paper. The author should not include any content in her/his IJCI paper without having the right to use it, and always give proper attribution.
The accompanying submitted data should be stated with licensing policies, the policies should not be more restrictive than CC BY.
IJCI has the right to remove photos, captures, images, figures, tables, illustrations, audio, and video files, from a paper before or after publication, if these contents were included in the author's paper without permission from the owner of the content.