Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

php sql injection

Tags:

sql

php

I have been surfing these days and got to know about SQL INJECTION ATTACK. i have tried to implement on my local machine to know how this can be done so that i can prevent it in my system...

i have written code like this

PHP Code : 

if(count($_POST) > 0){

       $con = mysql_connect("localhost","root","") or die(mysql_error());
    mysql_select_db('acelera',$con) or die(mysql_error()); //
    echo $sql = 'SELECT * FROM acl_user WHERE user_email = "'.$_POST['email'].'" AND user_password = "'.$_POST['pass'].'"';
    $res_src = mysql_query($sql);
    while($row = mysql_fetch_array($res_src)){
        echo "<pre>";print_r($row);echo "</pre>";
    }
}

HTML CODE : 

<html>
<head></head>
<body>

 EMAIL : <input type="text" name="email" id="email" /><br />
    PASWD : <input type="text" name="pass" id="pass" /><br />
    <input type="submit" name="btn_submit" value="submit email pass" />
        </body>
</html>

by this code if i give input as " OR ""=" then sql injection should get done. but it is not working properly. in post data i have addition slashes if i give above input in password field.

can any one show me how actually SQL INJECTION ATTACK can be done?(code will be more appreciable)

like image 330
Rukmi Patel Avatar asked Jul 13 '11 11:07

Rukmi Patel

People also ask

Does PHP prevent SQL injection?

Another approach for avoiding SQL injections is using PHP Prepared Statements. A prepared statement is a feature in PHP which enables users to execute similar SQL queries efficiently and repeatedly.

Can PHP be injected?

PHP Object Injection is an application level vulnerability that could allow an attacker to perform different kinds of malicious attacks, such as Code Injection, SQL Injection, Path Traversal and Application Denial of Service, depending on the context.

What is PHP injection code?

PHP code injection is a vulnerability that allows an attacker to inject custom code into the server side scripting engine. This vulnerability occurs when an attacker can control all or part of an input string that is fed into an eval() function call.

Does Mysqli prevent SQL injection?

Parameterized queries solve SQL Injection vulnerabilities. This example uses PDO to fix the vulnerability but you can still use mysqli functions to prevent SQL Injection.

1 Answers

You probably have magic quotes enabled. Check the return value of get_magic_quotes_gpc.

"Magic quotes" is an antique attempt from PHP to auto-magically prevent SQL injection, but in current versions it has been deprecated and you are encouraged to use prepared statements to avoid SQL injection.

See here how to disable them so you can experiment with SQL injection.

like image 83
Alin Purcaru Avatar answered Oct 05 '22 03:10

Alin Purcaru
Sign in to Comment

Related questions

How can I validate CSS within a script? [closed]
What are some well coded examples of standard data structures in PHP? [closed]
Custom Environment Variables in PHP
php function foo(array $arg = NULL) -- why the array and NULL?
Accessing an array element when returning from a function
Where should the business logic be placed when using Doctrine 2 and Zend Framework
PHP, Merging arrays with common keys
PHP classes why use public keyword?
When to show a fail whale?
PHP - defining classes inside a function
Memcached installed (In theory), PHP unable to use memcache_connect()
libphp5.so not being created after compiling and prefix directory not created
PHPUnit - test the validity of an SQL Query
Why is xdebug not showing up in phpinfo()
Gearman vs ZeroMQ
Copy a database with data in MySQL
PHPUnit - 15+ hrs wasted and still doesn't work
Are ^$ and $^ in PHP regex the same?
file_put_contents path question
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 87 bytes)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!