Praetorian Posted June 8, 2008 Share Posted June 8, 2008 Just for the heck of it, I tried a few sql injection lines on my localhost. None of them worked... I tried them on a textarea where the contents are put into a variable and inserted straight into the database. Are textareas not vulnerable to SQL injection? Or is it the version of PHP I'm using? I have magic quotes turned off, not using my_real_escape_string or stripslashes..I just want to be sure what's vulnerable and what's not, so I know what to protect.Here's the query as is.. followed by the line I added to the textarea. mysql_query("UPDATE $country SET content='$edit_content' WHERE header='$header_location'") or die (mysql_error()); '; DROP TABLE siymeha'; Link to comment Share on other sites More sharing options...
boen_robot Posted June 8, 2008 Share Posted June 8, 2008 The resulting query must still be executable, and if memory serves, "';'" is not a valid way to end a query.I mean that with what you have, your resulting query is something like: UPDATE $country SET content='$edit_content' WHERE header=''; DROP TABLE siymeha';' (assuming the text area corresponds to $header_location)I think if you change your input to something like: '; DROP TABLE siymeha (note the missing "';" in the end)you'll have more luck, as the resulting query then would be: UPDATE $country SET content='$edit_content' WHERE header=''; DROP TABLE siymeha' which is (I believe) an executable query. Link to comment Share on other sites More sharing options...
Praetorian Posted June 8, 2008 Author Share Posted June 8, 2008 Hm. Yea, I tried that on a textarea and the same thing happened. Nothing happened to the table. It just inserted the text as text. Very odd. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.