Home > Backend Development > PHP Tutorial > SQL injection in PHP query login_PHP tutorial

SQL injection in PHP query login_PHP tutorial

WBOY
Release: 2016-07-13 10:27:28
Original
877 people have browsed it

-------------------------------------------------- -------------------------------------------------- ------

For example, the following login code:

if($l = @mysql_connect('localhost', 'root', '123')) or die('Database connection failed');

mysql_select_db('test');

mysql_set_charset('utf8');

$sql = 'select * from test where username = "$username" and password = "$password"';

$res = mysql_query($sql);

if(mysql_num_rows($res)){

header('Location:./home.php');

}else{

die('Incorrect input');

}

----------------------------------@chenwei Black-eyed Poet------ ------------------

Pay attention to the above SQL statement, which has great security risks. If you use the following universal password and universal username, you can easily enter the page:

 1. $sql = 'select * from test where username = "***" and password = "***" or 1 = "1"';

Obviously, the universal password for this sql statement is: ***" or 1 = "1

2. $sql = 'select * from test where username ="***" union select * from users/* and password = "***"';

Forward slash * means that the following will not be executed. MySQL supports union query, so all data can be directly queried; so the universal user name for this SQL statement is: ***" union select * from users/*

However, this injection only targets the sql statement in the code, if $sql = "select * from test where username = $username and password = $password";

At least the above injection no longer works, but the method is the same;

After using PDO, sql injection can be completely avoided, and in this era of rapid development and frameworks are rampant, there is no need to think too much about sql injection.

-------------------------------------------------- -------------------------------------------------- ---

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/819111.htmlTechArticle------------------------ -------------------------------------------------- -------------------------- For example, the following login code: if($l = @mysql_connect('localhost', 'root'.. .
Related labels:
php
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template