SQL Injection is a term for injecting SQL command or query in the address query or as a input in the form of the POST or GET method in the web pages.
You have a database of different products such as call recorder, with primary key product_id. To get a product info from database, you use a form, where user has to supply product_id and click submit button. With SQL Injection attack, it is possible to send a modified SQL Query from the url of product info. This can do a lot of damage to the database.
To get a product info you are using:
$query=”SELECT * FROM products WHERE product_id=’”.$_GET[’product_id’].”‘”;
If somebody instead of providing only product_id, would enter: 34′; DROP TABLE product; #
it will change the query to:
SELECT * FROM products WHERE product_id=’10′; DROP TABLE products; #’;
To prevent SQL Injection attacks, always use mysql_real_escape_string() function and validate data, before sending the variable to SQL query.
$product = mysql_real_escape_string($_GET[’product_id’]);
$query=”SELECT * FROM products WHERE product_id=’”.$product.”‘”;
echo “Incorrect data entered”;
No posts found