How To: Secure PHP-MySQL against SQL Injection

Filed Under (Hacking, HowTo, Programming, Security, Technology, Tips) by Rajan Zachariah on 25-04-2008

SQL Injection is a technique that exploits a security vulnerability at the database layer of an application. It is a special way of crafting or designing an input string such that the user gets control over the database.

For example, most database-related statements look similar to:
$query = "SELECT * FROM EMPLOYEE WHERE EMP_ID = '" . $emp_id . "' AND PASSWD = '" . $passwd . "'";

Imagine a user enters a password string like
e' or 'e'='e

then the query would become
SELECT * FROM EMPLOYEE WHERE EMP_ID = '<emp_id>' AND PASSWD = 'e' or 'e'='e';

Because AND binds more tightly than OR, the trailing 'e'='e' makes the condition true for every row, so this would always evaluate to true and would grant the user access to the whole data.
A malicious user can even write multiple query lines to, say, drop a table.

Two steps to tackle this situation:
1. Limit Permissions:
The DB administrator should create different users depending on the kind of action performed, and each task should use credentials with the least privileges necessary to perform it. This could prevent most attacks but not all.

2. Clean the Input String:
The PHP team has already released a function, "mysql_real_escape_string()", to tackle this situation. This function replaces the (') with a (\') and thus would not allow the attack.
So all you have to do is:
$emp_id = mysql_real_escape_string($emp_id);
$passwd = mysql_real_escape_string($passwd);

Now the query would become:
SELECT * FROM EMPLOYEE WHERE EMP_ID = '<emp_id>' AND PASSWD = 'e\' or \'e\'=\'e';
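
The same login query run once with string concatenation and once with bound placeholders, as an added example that is not code from the original post; it uses prepared statements because the mysql_* functions were removed in PHP 7. Assumptions: PDO with the pdo_sqlite driver (an in-memory SQLite database stands in for MySQL so the script runs offline), and the table rows and the function names login_concat and login_prepared are constructed for illustration.

```php
<?php
// Added example. Constructed data; in-memory SQLite stands in for MySQL.
// Plaintext passwords are used only to mirror the query in the post.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE EMPLOYEE (EMP_ID TEXT PRIMARY KEY, PASSWD TEXT)");
$db->exec("INSERT INTO EMPLOYEE VALUES ('1001', 'correct-horse')");
$db->exec("INSERT INTO EMPLOYEE VALUES ('1002', 'tr0ub4dor')");

// Vulnerable form: user input becomes part of the SQL text, as in the post.
function login_concat(PDO $db, string $emp_id, string $passwd): array
{
    $sql = "SELECT EMP_ID FROM EMPLOYEE WHERE EMP_ID = '" . $emp_id .
           "' AND PASSWD = '" . $passwd . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened form: the SQL text is fixed; input travels only as bound values.
function login_prepared(PDO $db, string $emp_id, string $passwd): array
{
    $stmt = $db->prepare(
        "SELECT EMP_ID FROM EMPLOYEE WHERE EMP_ID = ? AND PASSWD = ?"
    );
    $stmt->execute([$emp_id, $passwd]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$payload = "e' or 'e'='e";   // the input string quoted in the post

$leaked = login_concat($db, '1001', $payload);          // quote closes early
$safe   = login_prepared($db, '1001', $payload);        // treated as a literal
$legit  = login_prepared($db, '1001', 'correct-horse'); // real login still works

printf("concatenated + payload: %d row(s)\n", count($leaked));
printf("prepared + payload:     %d row(s)\n", count($safe));
printf("prepared + real passwd: %d row(s)\n", count($legit));

// Fail loudly if the behaviour differs from what the comments above describe.
if (count($leaked) !== 2 || $safe !== [] || $legit !== ['1001']) {
    throw new RuntimeException('unexpected query result');
}
```

Against MySQL the same two functions work unchanged with a `mysql:` PDO DSN; only the connection line differs.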

Hope this helps!!!

How To: Enable/Disable Hibernation in Vista

Filed Under (HowTo, Microsoft, Technology, Tips) by Rajan Zachariah on 05-03-2008

Windows Vista basically replaces the popular hibernate feature with a new one called ‘Sleep‘, which is a combination of both Hibernation and Stand-By. If you use a computer that is not always connected to power, like a laptop, you do need the hibernation feature. Or maybe your scenario doesn’t need hibernation, so why waste the hard-disk space that hiber.sys takes on your system? In any case, you need a method to easily enable or disable the hibernation feature on your machine.

As usual, XpressZine would always give/suggest you the best and easiest option to do any task.

So open up your command prompt by typing ‘cmd‘ in the ‘Run‘ window. Once the ‘Command Prompt‘ appears type the below code to finish the task you want to achieve.

To Enable Hibernation:

Type ‘powercfg -h on‘ (without quotes)

To Disable Hibernation:

Type ‘powercfg -h off‘ (without quotes)

NOTE: You need to have administrator access to complete this function.

NOTE: A confirmation may not be given. If no error is displayed then it would mean that the command executed successfully.

How To: Add shortcuts to Vista ‘Favorite Links’ sidebar

Filed Under (HowTo, Tips) by Rajan Zachariah on 25-02-2008

How many times have you wished that you have an easy access to your most used folders? But alas! Windows generally shows only a default set of folders in the sidebar! And you thought you can never change that? See the below image then !!

All you need to do is any one of the steps mentioned below:

  1. Drag and Drop

    In Windows Explorer, go one level above the folder that you want in the sidebar and simply drag your most used folder onto the sidebar.

    As you can see from the above two images the folder is easily being moved and how the folder’s link is placed inside the sidebar.

  2. Edit the Links folder

    • Go to Run and type C:\Users\<Your User Name>\Links
    • Add/remove shortcuts to the folders that you want to be there in the sidebar. (Remember: shortcuts and not the folders themselves!!!)