Merge branch 'security' of https://github.com/ManueldG/doc-it into se…

…curity

security/database.xml

@@ -212,6 +212,17 @@ insert into pg_shadow(usename,usesysid,usesuper,usecatupd,passwd)
      l'aggressore potrebbe tentare di aggiungere un'intera query a quella originale da elencare
      password da una tabella arbitraria. Si consiglia vivamente di salvare sole le secure hash delle password 
      anziché le password stesse.
+
+
+     A feasible way to gain passwords is to circumvent your search result pages.
+     The only thing the attacker needs to do is to see if there are any submitted variables
+     used in SQL statements which are not handled properly. These filters can be set
+     commonly in a preceding form to customize <literal>WHERE, ORDER BY,
+     LIMIT</literal> and <literal>OFFSET</literal> clauses in <literal>SELECT</literal>
+     statements. If your database supports the <literal>UNION</literal> construct,
+     the attacker may try to append an entire query to the original one to list
+     passwords from an arbitrary table. It is strongly recommended to store only
+     secure hashes of passwords instead of the passwords themselves.
      <example>
       <title>
        Elenco degli articoli... e alcune password (può essere usato su qualunque server di database).
@@ -228,8 +239,8 @@ $result = odbc_exec($conn, $query);
 ]]>
       </programlisting>
      </example>
-     La parte statica della query può essere combinata con un'altra
-     <literal>SELECT</literal>richiesta che rivela tutte le password:
+     La parte statica della query può essere combinata con un'altra - The static part of the query can be combined with another
+     <literal>SELECT</literal>dichiarazione che rivela tutte le password: - statement which reveals all passwords:
      <informalexample><!--XXX tradotto ricontrollare-->
       <programlisting role="sql">
 <![CDATA[