What is SQL Injection

By: Emiley J. in MySQL Tutorials on 2008-11-23  

SQL Injection is a technique in which an attacker supplies input that becomes part of the SQL your application sends to its database, so that the attacker's text is executed as part of the query. Have a look at this example:

<?php
// $user and $pw come straight from the request and are pasted into the SQL text
$query = "SELECT login_id FROM users WHERE user='$user' AND pwd='$pw'";
mysql_query($query);
?>

Voila! Anyone can log in as any user by requesting a URL such as http://example.com/login.php?user=admin'%20OR%20(user='&pwd=')%20OR%20user=', which, once the parameters are URL-decoded and substituted, runs the following query:

<?php
// The attacker's quotes close the user literal and add their own conditions,
// so the row for 'admin' matches regardless of the password
$query = "SELECT login_id FROM users WHERE user='admin' OR (user = '' AND pwd='') OR user=''";
mysql_query($query);
?>

It's even simpler with the URL http://example.com/login.php?user=admin'%23, which executes the query SELECT login_id FROM users WHERE user='admin'#' AND pwd=''. Note that # marks the start of a comment in MySQL's SQL dialect, so everything after it, including the password check, is ignored.

Again, it's a simple attack. Fortunately, it's also easy to prevent. You can sanitize the input using the addslashes() function, which adds a backslash before every single quote ('), double quote ("), backslash (\), and NUL byte (\0). Other functions are available to sanitize input, such as strip_tags().
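As an added example (not part of the original tutorial), here is the login query in both forms: the string-built version above and a version using PDO prepared statements, which is the fix a practitioner would reach for. PDO with an in-memory SQLite database stands in for the MySQL connection so it runs offline; the table, its rows and the helper names are constructed, and the first payload from the tutorial is used because the # comment trick is MySQL-specific.

```php
<?php
// Added example, not from the original tutorial. PDO + in-memory SQLite stands in
// for the MySQL connection so it runs offline; table and rows are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (login_id INTEGER, user TEXT, pwd TEXT)");
$db->exec("INSERT INTO users VALUES (1, 'admin', 's3cret'), (2, 'bob', 'hunter2')");

// Vulnerable: request parameters are pasted straight into the SQL text,
// exactly like the tutorial's mysql_query() snippet.
function loginVulnerable(PDO $db, string $user, string $pw): array
{
    $query = "SELECT login_id FROM users WHERE user='$user' AND pwd='$pw'";
    return $db->query($query)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened: placeholders send the values separately from the query text,
// so a quote inside $user is just a character in a name, never SQL syntax.
function loginSafe(PDO $db, string $user, string $pw): array
{
    $stmt = $db->prepare("SELECT login_id FROM users WHERE user = ? AND pwd = ?");
    $stmt->execute([$user, $pw]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// The first payload from the tutorial, as PHP receives it after URL decoding.
$user = "admin' OR (user='";
$pw   = "') OR user='";

// Vulnerable query becomes: ... WHERE user='admin' OR (user='' AND pwd='') OR user=''
// and returns admin's login_id without any password.
var_dump(loginVulnerable($db, $user, $pw));
// Prepared query looks for a user literally named "admin' OR (user='": no rows.
var_dump(loginSafe($db, $user, $pw));
```

addslashes() would block this particular payload by escaping the quotes, but escaping only helps for values that sit inside a quoted string literal, whereas placeholders keep every parameter out of the query text regardless of its type or position.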
