Django Book 翻译
菜单>:
TOC
返回
原文:
*SQL injection* is a common exploit in which an attacker alters Web page parameters (such as ``GET`` /``POST`` data or URLs) to insert arbitrary SQL snippets that a naive Web application executes in its database directly. Its probably the most dangerous and, unfortunately, one of the most common vulnerabilities out there.
翻译:
SQL注入 是一个很常见的形式,在SQL注入中,攻击者改变web网页的参数(例如 ``GET`` /``POST`` 数据或者URL地址),加入一些其他的SQL片段。未加处理的网站会将这些信息在后台数据库直接运行。这也许是最危险的一种,然而不幸的是,也是最多的一种隐患。
备注:
译者: