dongshi1207 2011-06-30 00:05

SQL injection in a comment field

I have a comment form that consists of 2 fields (title and comment). The database contains 3 columns: id, title and comment. A comment is displayed based on its title, like domain.com/index.php?id=sometitle

The title field is properly secured against SQL injection using mysql_real_escape_string, but the comment field, which is a textarea, is left open without escaping. I can escape it; however, I'm wondering what harm it can do to just leave it without using mysql_real_escape_string on that field, knowing that title is already escaped and that's how the output is retrieved.


5 answers

  • dtsc14683 2011-06-30 00:19

    What would happen if someone typed this into your textarea?

    some comment');DELETE FROM COMMENTS;--
    

    If your query to insert the comment were something like

    INSERT INTO Comments(Title,Comment) VALUES('$title','$comments');
    

    then you would have a problem. The resulting query would be

    INSERT INTO Comments(Title,Comment) VALUES('some title','some comment');DELETE FROM COMMENTS;--'
    

    or to lay it out in a more readable format

    INSERT INTO Comments(Title,Comment) VALUES('some title','some comment');
    DELETE FROM COMMENTS;--'
    

    The `--'` at the end just creates a comment, to get rid of any extra SQL that would make it not parse properly.

    This answer was selected as the best answer by the asker.
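The following is an added example, not code from the question or the answer above. It reproduces the answer's interpolated INSERT and its payload in Python against an in-memory SQLite table (standing in for the PHP/MySQL code in the question; table and column names follow the answer, the initial row is constructed), then shows the hardened form beside it: a parameterized query that stores the same payload as plain text and leaves the other rows untouched. `executescript` is used on the unsafe path to model a driver that accepts stacked statements; PHP's old `mysql_query()` sends a single statement, but an unescaped field still lets input change the statement's structure, so the fix is the same.

```python
import sqlite3

# Constructed payload, the same shape as the one in the answer above.
PAYLOAD = "some comment');DELETE FROM COMMENTS;--"


def build_unsafe_query(title: str, comment: str) -> str:
    """Interpolate user input into SQL exactly as the vulnerable INSERT in the answer does."""
    return f"INSERT INTO Comments(Title,Comment) VALUES('{title}','{comment}');"


def fresh_db() -> sqlite3.Connection:
    """In-memory table matching the question's schema, seeded with one constructed row."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Comments(id INTEGER PRIMARY KEY, Title TEXT, Comment TEXT)")
    conn.execute("INSERT INTO Comments(Title, Comment) VALUES (?, ?)", ("existing", "a stored comment"))
    conn.commit()
    return conn


def count_rows(conn: sqlite3.Connection) -> int:
    return conn.execute("SELECT COUNT(*) FROM Comments").fetchone()[0]


def stored_comment(conn: sqlite3.Connection, title: str):
    row = conn.execute("SELECT Comment FROM Comments WHERE Title = ?", (title,)).fetchone()
    return row[0] if row else None


def insert_unsafe(conn: sqlite3.Connection, title: str, comment: str) -> int:
    """Vulnerable path: string-built SQL run by a driver that executes stacked statements.

    Returns the row count afterwards so the effect of the injected DELETE is visible.
    """
    conn.executescript(build_unsafe_query(title, comment))
    return count_rows(conn)


def insert_safe(conn: sqlite3.Connection, title: str, comment: str) -> int:
    """Hardened path: placeholders keep the input as data, whatever quotes it contains."""
    conn.execute("INSERT INTO Comments(Title, Comment) VALUES (?, ?)", (title, comment))
    conn.commit()
    return count_rows(conn)


if __name__ == "__main__":
    print(build_unsafe_query("some title", PAYLOAD))
    print("rows after unsafe insert:", insert_unsafe(fresh_db(), "some title", PAYLOAD))
    safe = fresh_db()
    print("rows after safe insert:", insert_safe(safe, "some title", PAYLOAD))
    print("stored comment:", stored_comment(safe, "some title"))
```

The unsafe path ends with an empty table: the seeded row and the freshly inserted one are both deleted by the payload's second statement. The safe path ends with two rows and the comment column holding the payload string literally, which is the behaviour the question's escaping of the title field achieves and the comment field currently lacks.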