Application of Stored Procedures to Defense against SQL Injection Attacks in Online Examination System
存储过程技术在网络考试系统SQL注入攻击防御上的应用

This paper describes the use of stored procedures to improve the security of online examination system. We discuss SQL injection attacks , the method of defense using the stored procedures , and some stored procedures of the online examination system,such as randomly generated papers. Use of stored procedures effectually secures against SQL injection attacks, improves the system security.