I keep getting told by people my code (https://github.com/LaughingQuoll/Administrator-Control-Panel) is vunerable to SQL injection. That all great but I dont understand how to fix it. I think I fixed in in the index.php file but I dont know. Could someone please take a look over it and suggest how I can fix it or if I did fix it with my recent commit. Thanks.
1条回答 默认 最新
dongyi1921 2015-11-08 04:52关注TL;DR;
Use prepared statements and read How can I prevent SQL injection in PHP? carefully
While this is not a code review site, but a question and answer site, I would like to point out that as long as you are doing things like this....
$result = mysqli_query("SELECT * FROM members WHERE username='" . $uername . "' and password = '". $password."'");in your code where you are concatenating values into your code without first passing them through the proper escape functions, you are definitely vulnerable to SQL injection. You're also vulnerable to human error (forgetting to escape or escaping incorrectly).
Even though here you do pass the value into
mysqli_real_escape_stringyou're doing it before the connection to the SQL server is established, and thus before the charset is negotiated between the client and server, which means you are still be vulnerable to SQLi.**** Big fat warning in the manual for this ****
Caution
Security: the default character set
The character set must be set either at the server level, or with the API function
mysqli_set_charset()for it to affectmysqli_real_escape_string(). See the concepts section on character sets for more information.Not going to bother doing a full audit on your code here, but I am going to point you to How can I prevent SQL injection in PHP? and also https://stackoverflow.com/a/12202218/1878262 for more details on why character set negotiation is still important to preventing SQLi.
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏举报
分享
- 2015-11-08 04:44回答 1 已采纳 TL;DR; Use prepared statements and read How can I prevent SQL injection in PHP? carefully While
- 2014-10-05 11:33回答 1 已采纳 You could easily just call the addNewUser() function passing the required parameters as: addNewUs
- 2017-09-26 11:50回答 1 已采纳 First of all, don't use mysql_, use mysqli_. Second, that's because you can't put two queries in
- 2020-12-19 18:52对于攻击者来说,进行SQL注入攻击需要思考和试验,对数据库方案进行有根有据的推理非常有必要(当然假设攻击者看不到你的源程序和数据库方案),考虑以下简单的登录表单:复制代码 代码如下:<form action=”/...
- 2017-09-22 07:12回答 4 已采纳 $exc = $dbh->prepare("SELECT id, cid, fullname FROM user WHERE BINARY username LIKE :username A
- 2019-02-26 18:23回答 2 已采纳 You can used session variable ,it will help to make data accessible across the various pages . So
- 2018-04-26 23:36回答 1 已采纳 Try to replace your code into this <input type="text" name="sms_numbers" // change input name
- 2020-12-18 02:24在某些表单中,用户输入的内容直接用来构造(或者影响)动态SQL命令,或作为存储过程的输入参数,这类表单特别容易受到SQL注入式攻击。常见的SQL注入式攻击过程类如: ⑴ 某个ASP.NET Web应用有一个登录页面,这个...
- 2019-08-07 09:54回答 2 已采纳 Solution: I used Apache as the webserver, but the HTML and PHP files were in another location, so
- 2017-03-16 16:50回答 1 已采纳 You are basically not posting your data to your processform.php file. Using <?php echo $_SERVER
- 2017-02-22 01:08回答 1 已采纳 If you are having problems distinguishing between your radio buttons and other form fields, you co
- 2023-05-31 13:33本案例主要在PHP中分别使用PDO的quote()方法和prepare()预处理语句来实现防止sql注入的功能。 所谓sql注入,就是通过把sql命令插入到Web表单提交或输入域名或页面请求的查询字符串,最终达到欺骗服务器执行恶意的sql...
- 2018-04-13 19:26回答 1 已采纳 When a user logging in your system, store that user's ID & user name in session & retrieve that us
- 2022-02-24 20:01zhoupenghui168的博客 在某些表单中,用户输入的内容直接用来构造(或者影响)动态SQL命令,或作为存储过程的输入参数,这类表单特别容易受到SQL注入式攻击。常见的SQL注入式攻击过程类如: ⑴ 某个php Web应用有一个登录页面,这个登录...
- 2020-10-19 12:10主要介绍了PHP实现表单提交数据的验证处理功能,可实现防SQL注入和XSS攻击等,涉及php字符处理、编码转换相关操作技巧,需要的朋友可以参考下
- 没有解决我的问题, 去提问
悬赏问题
- ¥500 火焰左右视图、视差(基于双目相机)
- ¥100 set_link_state
- ¥15 虚幻5 UE美术毛发渲染
- ¥15 CVRP 图论 物流运输优化
- ¥15 Tableau online 嵌入ppt失败
- ¥100 支付宝网页转账系统不识别账号
- ¥15 基于单片机的靶位控制系统
- ¥15 真我手机蓝牙传输进度消息被关闭了,怎么打开?(关键词-消息通知)
- ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
- ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本