Colourtheory

SQL Injection


The risk is accepting any input from the outside and using it to create a SQL query. Even cookies and hidden fields can be easily edited by a hacker. The two primary defenses are to sanitize all external inputs with a regex (and a length limiter for XSS) and to use parameterized queries.


Using PDO, if you are writing your scripts in PHP and it is supported by your version of PHP, is a good practice, as well as server-side sanitization/validation of input. Basically, if you are expecting a username, there shouldn't be anything but values from a-Z; if you are expecting a zip code, it should only be numbers, and five digits long, etc. If you can validate client side with JS, that is a convenience for the user, but you should also perform the same validation server side. Never trust user input.

Edited by thescientist


This highly depends on what server-side language you are using. Props to thescientist for recommending PDO because it is one of the awesome classes in PHP. Essentially, an SQL injection occurs when a user injects code that looks like SQL code and reads as SQL code when put in the query.

    // partial PHP code
    // WARNING: this code is an example of bad code;
    // the POST values are interpolated straight into the SQL text
    $query = "SELECT username, password
              FROM users
              WHERE username = {$_POST['username']}
              AND password = {$_POST['password']}";

Suppose you have that query, and I send the post variables of $_POST['username'] = " 'aaa' OR 1=1 -- ". Now you have:

    SELECT username, password FROM users WHERE username = 'aaa' OR 1=1 -- 

The AND statement is now left out because it was commented, and now I get every username and password because 1 is always equal to 1. If for some odd reason you printed out those results to the screen, like to show their username, I would have a list of all the usernames in your 'users' table. PDO escapes this issue with the execute statement and using placeholders in the SQL query.
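Added example, not code from any poster in this thread: the concatenated query from the post above beside its placeholder version, and the allowlist validation thescientist describes, written in Python with sqlite3 rather than PHP/PDO so the difference can be run locally. The users table, its rows, and the username/zip patterns are constructed for the demo.

```python
import re
import sqlite3

# Constructed sample rows standing in for the thread's 'users' table.
SAMPLE_USERS = [("alice", "s3cret"), ("bob", "hunter2"), ("carol", "pa55")]

# The payload from the post above: closes the quoted value, makes the
# WHERE clause always true, and comments out the password check.
PAYLOAD = "aaa' OR 1=1 -- "

# Hypothetical allowlists following thescientist's advice: letters only
# for a username, exactly five digits for a zip code.
USERNAME_RE = re.compile(r"[A-Za-z]{1,32}")
ZIP_RE = re.compile(r"[0-9]{5}")


def make_db():
    """Build an in-memory database with the constructed users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def login_concat(conn, username, password):
    """Vulnerable: values are pasted into the SQL text, so a quote and a
    comment marker in the input become part of the statement."""
    sql = ("SELECT username, password FROM users "
           f"WHERE username = '{username}' AND password = '{password}'")
    return conn.execute(sql).fetchall()


def login_param(conn, username, password):
    """Safe: placeholders send the values separately from the SQL text,
    the same idea as PDO's prepare()/execute() in PHP. The payload is
    compared as a literal username and matches nothing."""
    sql = ("SELECT username, password FROM users "
           "WHERE username = ? AND password = ?")
    return conn.execute(sql, (username, password)).fetchall()


def is_valid_username(value):
    """Server-side allowlist check; rejects the payload before any query."""
    return USERNAME_RE.fullmatch(value) is not None


def is_valid_zip(value):
    return ZIP_RE.fullmatch(value) is not None
```

Run login_concat and login_param with PAYLOAD as the username and any password: the first returns every row, the second returns none.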

