Log In  
Follow
samcherry
Follow

SQL Injection is a term for injecting SQL command or query in the address query or as a input in the form of the POST or GET method in the web pages.

For example:

You have a database of different products such as call recorder, with primary key product_id. To get a product info from database, you use a form, where user has to supply product_id and click submit button. With SQL Injection attack, it is possible to send a modified SQL Query from the url of product info. This can do a lot of damage to the database.

To get a product info you are using:

$query=”SELECT * FROM products WHERE product_id=’”.$_GET[’product_id’].”‘”;

If somebody instead of providing only product_id, would enter: 34′; DROP TABLE product; #

it will change the query to:

SELECT * FROM products WHERE product_id=’10′; DROP TABLE products; #’;

To prevent SQL Injection attacks, always use mysql_real_escape_string() function and validate data, before sending the variable to SQL query.

$product = mysql_real_escape_string($_GET[’product_id’]);
if (ValidateProduct($product))
$query=”SELECT * FROM products WHERE product_id=’”.$product.”‘”;
else
echo “Incorrect data entered”;


No posts found

Follow Lexaloffle:        
Generated 2020-02-26 11:12 | 0.064s | 4194k | Q:8