I purchased a script that has some weird code in it. I'm a PHP beginner but know a little about things like sanitizing input data.
This is the code:
<form action="sendpass.php" method="post" id="sendpassform">
<input type="text" name="email" />
<input type="submit" name="sendpass" value="Send" />
</form>
?>
...
if($_REQUEST['email'] != ''){
$email = $_REQUEST['email'];
$k = mysql_query("SELECT * FROM users WHERE email='".$email."'") or die(mysql_error());
$result= mysql_fetch_array($k);
....
}
What I'm curious about is whether someone can hack the site using this form, because the email field is just passed directly to SQL without any escaping...
Yes. This is called SQL injection. Anywhere user-supplied values are directly included in a SQL statement, this is a possibility.
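One way to close the hole, as an added example that is not code from the purchased script or from the answer above: the same lookup rewritten with a mysqli prepared statement, so the address is bound as data instead of being concatenated into the query text. The `id` column, the connection placeholders and the mysqlnd-backed `get_result()` are assumptions.

```php
<?php
// Added example: parameterised rewrite of the e-mail lookup using mysqli
// prepared statements (the mysql_* functions are removed in PHP 7+).
// Host/user/password/dbname below are placeholders, not real values.
declare(strict_types=1);

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function findUserByEmail(mysqli $db, string $email): ?array
{
    // Reject anything that is not syntactically an e-mail before it reaches SQL.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // The value is bound as a string parameter, never spliced into the
    // statement, so quotes or comment sequences in $email cannot alter the query.
    $stmt = $db->prepare('SELECT id, email FROM users WHERE email = ? LIMIT 1');
    $stmt->bind_param('s', $email);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc(); // requires mysqlnd (assumption)
    $stmt->close();
    return $row ?: null;
}

// The form uses method="post", so read $_POST rather than $_REQUEST.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['sendpass'])) {
    $db = new mysqli('DB_HOST', 'DB_USER', 'DB_PASSWORD', 'DB_NAME'); // placeholders
    $db->set_charset('utf8mb4');
    $user = findUserByEmail($db, (string) ($_POST['email'] ?? ''));
    if ($user !== null) {
        // ... send the password-reset mail to $user['email'] ...
    }
    // Respond identically whether or not the address exists, so the form
    // cannot be used to enumerate registered e-mail addresses.
    echo 'If that address is registered, a message has been sent.';
}
```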