What is SQL Injection
By: Emiley J.
SQL Injection is a method in which an attacker inserts malicious code into queries that run on your database. Have a look at this example:
<?php
// $user and $pw are taken straight from the request parameters and are
// concatenated into the SQL text without escaping or parameter binding.
$query = "SELECT login_id FROM users WHERE user='$user' AND pwd='$pw'";
mysql_query($query);
?>
Voilà! Anyone can log in as any user, using a query string like http://example.com/login.php?user=admin'%20OR%20(user='&pwd=')%20OR%20user=' (the user parameter decodes to admin' OR (user=' and the pwd parameter to ') OR user='), which makes the script run the following statement:
<?php
// What the database actually receives: the injected OR clauses make the
// WHERE condition true for the admin row whatever the password is.
$query = "SELECT login_id FROM users WHERE user='admin' OR (user = '' AND pwd='') OR user=''";
mysql_query($query);
?>
It’s even simpler with the URL http://example.com/login.php?user=admin'%23, which executes the query SELECT login_id FROM users WHERE user='admin'#' AND pwd=''. In MySQL, # starts a comment that runs to the end of the line, so the password check after it is never evaluated.
Again, it’s a simple attack. Fortunately, it’s also easy to prevent. You can sanitize the input using the addslashes() function, which adds a backslash before every single quote ('), double quote ("), backslash (\) and NUL byte (\0). Other functions are available to sanitize input, such as strip_tags().
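As an added example that is not part of the original tutorial, the vulnerable query above is placed beside a parameterized version of the same login check. It runs against an in-memory SQLite database through PDO so it can be executed stand-alone; it assumes the pdo_sqlite extension is available, and the table, the sample row and the function names vulnerableLogin/safeLogin are constructed for this illustration. Fed the parameter values from the first URL above, the concatenated query matches the admin row without the password, while the prepared statement treats the same text as a literal user name and matches nothing. Prepared statements are the defense to reach for ahead of escaping functions such as addslashes(): the SQL text is fixed before the values are bound, so quoting stops being the application's responsibility.

```php
<?php
// Added example (not from the original tutorial): the vulnerable query next to
// its parameterized form, run against an in-memory SQLite database via PDO.
// Requires the pdo_sqlite extension. Table, sample row and function names are
// constructed for this illustration.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (login_id INTEGER PRIMARY KEY, user TEXT, pwd TEXT)");
// Constructed sample row. The tutorial's schema compares plaintext passwords;
// password hashing is a separate concern not covered here.
$db->exec("INSERT INTO users (user, pwd) VALUES ('admin', 'correct horse battery staple')");

// The decoded values the tutorial's first URL delivers as the user and pwd parameters.
$user = "admin' OR (user='";
$pw   = "') OR user='";

// Vulnerable: the input is spliced into the SQL text, so the quotes inside
// $user and $pw become part of the statement (this is the tutorial's query).
function vulnerableLogin(PDO $db, string $user, string $pw): ?int {
    $query = "SELECT login_id FROM users WHERE user='$user' AND pwd='$pw'";
    $row = $db->query($query)->fetch(PDO::FETCH_ASSOC);
    return $row ? (int) $row['login_id'] : null;
}

// Hardened: the statement is compiled with placeholders first; the values are
// bound afterwards as data and cannot alter the statement's structure.
function safeLogin(PDO $db, string $user, string $pw): ?int {
    $stmt = $db->prepare("SELECT login_id FROM users WHERE user = :user AND pwd = :pwd");
    $stmt->execute([':user' => $user, ':pwd' => $pw]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ? (int) $row['login_id'] : null;
}

// The concatenated query returns the admin row without knowing the password;
// the prepared statement, given the same text, finds no such user.
var_dump(vulnerableLogin($db, $user, $pw));
var_dump(safeLogin($db, $user, $pw));

// The legitimate login still works through the prepared statement.
var_dump(safeLogin($db, 'admin', 'correct horse battery staple'));
```

The second URL's payload (admin'#) is left out of the example because # is MySQL comment syntax; SQLite only recognises -- and /* */ comments, so that particular string would simply fail to parse there. The prepared-statement version is unaffected either way, since the user name is never interpreted as SQL.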