Sql injection

Issues related to the Login tools of WYSIWYG Web Builder.
Forum rules
PLEASE READ THE FORUM RULES BEFORE YOU POST:
viewtopic.php?f=12&t=1901

MUST READ:
http://www.wysiwygwebbuilder.com/login_basics.html
http://www.wysiwygwebbuilder.com/login_tools.html

TIP:
A lot of information about the login tools can be found in the help/manual.
Also checkout the demo template that is include with the software.
Post Reply
User avatar
amir2314
 
 
Posts: 318
Joined: Wed Aug 02, 2017 12:16 pm

Sql injection

Post by amir2314 »

Hi dear pablo . How much is safty for signup form and contact form in wwb ?
Is it possible to hack my website with sql injection ?
User avatar
Pablo
 
Posts: 21585
Joined: Sun Mar 28, 2004 12:00 pm
Location: Europe
Contact:

Re: Sql injection

Post by Pablo »

All scripts are protected against SQL injection.
If there were any known issues then these would have already been fixed.
Also, you can easily verify this yourself by looking at the generated code.
User avatar
amir2314
 
 
Posts: 318
Joined: Wed Aug 02, 2017 12:16 pm

Re: Sql injection

Post by amir2314 »

Pablo wrote: Thu Mar 17, 2022 3:59 pm All scripts are protected against SQL injection.
If there were any known issues then these would have already been fixed.
Also, you can easily verify this yourself by looking at the generated code.
Hi dear pablo .
.
Today i suddenly Read the blog Called Hack a website by post Method ! I know i asked You Later About Sql Injection Method for Sequrity Of My Website . In this case the hacker Used Foxyproxy And Select All Data from Sql Server . He told That Some Website Can be Hacked By Post Method if there is no ( .php?Id=32 or ...) Visible In URL Bar .
.
So I have A Sequrity Question About User-login And Other Forms Can generated By Wwb . Is it safe wwb From Post Attack methods? Or get ? Is it test Before ? .
.
Im trying To LevelUp my website Sequrity From Bad Attackers Or Hackers . Is there any Article About Sequrity For WWB To Teach Users : Best Ways To Squre Your Website or somthing Like That ?
User avatar
Pablo
 
Posts: 21585
Joined: Sun Mar 28, 2004 12:00 pm
Location: Europe
Contact:

Re: Sql injection

Post by Pablo »

All submitted input is protected against code injection.

Code: Select all

mysqli_real_escape_string($db, $_POST['username'])
You do not have to do anything for that yourself.
User avatar
amir2314
 
 
Posts: 318
Joined: Wed Aug 02, 2017 12:16 pm

Re: Sql injection

Post by amir2314 »

Pablo wrote: Wed Dec 07, 2022 6:32 pm All submitted input is protected against code injection.

Code: Select all

mysqli_real_escape_string($db, $_POST['username'])
You do not have to do anything for that yourself.
thank you verymuch dear pablo . actualy i afraid of hijak my website from bad guys, i designed a huge artistic website with wwb depend on your efforts for this amazing software ( 4 years of working : day and nights for my website ( still working :oops: ) , thanks a lot pablo
all days im trying to improve security of my website sometime with htaccess somtimes with your advice somtimes with reading the blogs on the net .
Post Reply