This is a fairly complete anti-injection program that combines PHP-side and SQL-side checks. On the PHP side it filters the GET, POST, COOKIE and FILES arrays; on the SQL side it detects and filters query strings that carry DELETE and UPDATE commands.
General idea of a SQL injection attack:
·Discover the SQL injection location;
·Determine the backend database type;
·Determine whether XP_CMDSHELL can be executed;
·Discover the WEB virtual directory;
·Upload an ASP, PHP or JSP Trojan (webshell);
·Obtain administrator rights.
//PHP whole-site anti-injection program; require_once this file from the site's common include file.
//Only the tail of the original sanitizing function survives on this page; the wrapper below is reconstructed from its comments and the function name is assumed.
//Judge magic_quotes_gpc status: get_magic_quotes_gpc() was deprecated in PHP 7.4 and removed in PHP 8.0 (magic quotes themselves were removed in PHP 5.4), so this branch only matters on legacy PHP 5.
function sec($array) {
if (is_array ( $array )) {
foreach ( $array as $k => $v ) {
$array [$k] = sec ( $v );
}
} else if (is_string ( $array )) {
//Use addslashes function to process
//Caveat: addslashes is not charset-aware, so with a multibyte connection charset such as GBK it can be bypassed; mysqli_real_escape_string or, better, prepared statements are the real fix.
$array = addslashes ( $array );
} else if (is_numeric ( $array )) {
$array = intval ( $array );
}
return $array;
}
1. Judgment of integer parameters
When the input parameter YY is an integer, the original SQL statement in abc.asp is usually roughly:
select * from table name where field=YY, so the following steps test whether SQL injection exists.
①HTTP://xxx.xxx.xxx/abc.asp?p=YY' (with a single quote appended); the SQL statement in abc.asp becomes
select * from table name where field=YY', and abc.asp runs abnormally (a database error);
②HTTP://xxx.xxx.xxx/abc.asp?p=YY and 1=1: abc.asp runs normally, and the result is the same as for HTTP://xxx.xxx.xxx/abc.asp?p=YY;
③HTTP://xxx.xxx.xxx/abc.asp?p=YY and 1=2: abc.asp returns a different (typically empty) result.
If all three observations hold, abc.asp almost certainly has a SQL injection vulnerability: the parameter is being pasted into the query text and changes its logic.
Based on the above, we write an integer filter function. Note that inject_check, which it calls, is not defined on this page.
The code is as follows
function num_check($id) {
if (! $id) {
die ( 'Parameter cannot be empty!' );
} //Judge whether it is empty (note: this also rejects the legitimate value "0", because "0" is falsy in PHP)
else if (inject_check ( $id )) {
die ('Illegal parameter');
} //Injection judgment
else if (! is_numeric ( $id )) {
die ('Illegal parameter');
} //Number judgment (is_numeric also accepts "1.5" and "1e3"; see the stricter check below)
$id = intval ( $id );
//Convert to integer
return $id;
}
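As an added example that is not part of the original article, the following PHP script puts the article's num_check logic (without its die() calls, and without the undefined inject_check) next to a stricter whitelist built on filter_var(FILTER_VALIDATE_INT), and runs both over constructed sample inputs so the gaps in the loose check are visible:

```php
<?php
// Added example, not the article's code. Compares the article's loose integer
// check with a strict one over constructed sample inputs.

// Article-style check, returning null instead of calling die().
function num_check_loose(string $id): ?int {
    if (!$id)             return null; // "0" is falsy, so a valid id of 0 is rejected
    if (!is_numeric($id)) return null; // is_numeric accepts "1e3" and "1.5"
    return intval($id);                // "1.5" becomes 1, "1e3" becomes 1000 (PHP >= 7.1)
}

// Strict whitelist: only an optionally signed decimal integer inside [$min, $max].
function num_check_strict(string $id, int $min = 0, int $max = PHP_INT_MAX): ?int {
    $v = filter_var($id, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => $min, 'max_range' => $max],
    ]);
    return $v === false ? null : $v;
}

// Constructed sample inputs, including the edge cases named in the comments above.
$samples = ["42", "0", "1e3", "1.5", "12abc", "-7", "99999999999999999999"];
foreach ($samples as $s) {
    printf("%-24s loose: %-8s strict: %s\n",
        var_export($s, true),
        var_export(num_check_loose($s), true),
        var_export(num_check_strict($s), true));
}
```

The strict version also bounds the value, which matters for the last sample: is_numeric accepts a 20-digit string and intval saturates it silently, whereas FILTER_VALIDATE_INT with max_range rejects it. Validation of this kind is a whitelist on the input's shape; it complements, but does not replace, binding the value as a query parameter.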
//Character filter function
function str_check($str) {
if (inject_check ( $str )) {
die ('Illegal parameter');
}
//Injection judgment
$str = htmlspecialchars ( $str );
//Convert HTML special characters. Note: this is output encoding against XSS; it does not quote the value for SQL, so the query itself must still escape or bind it.
return $str;
}
//Search keyword filter function: escape the LIKE wildcards so user input cannot widen a LIKE pattern (the backslashes were lost on this page; restored here)
function search_check($str) {
$str = str_replace ( "_", "\_", $str );
//Escape "_" (matches any single character in LIKE)
$str = str_replace ( "%", "\%", $str );
//Escape "%" (matches any sequence in LIKE)
$str = htmlspecialchars ( $str );
//Convert HTML special characters
return $str;
}
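As an added example that is not part of the original article, the following PHP script shows why search_check escapes "_" and "%", and adds the step the article leaves out: the LIKE clause must name the escape character (MySQL defaults to a backslash; SQLite has no default). It runs against a constructed in-memory SQLite table through PDO, so the pdo_sqlite extension is assumed:

```php
<?php
// Added example, not the article's code. LIKE wildcard escaping demonstrated
// against a constructed in-memory SQLite table.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE users (name TEXT)");
$pdo->exec("INSERT INTO users VALUES ('alice'), ('bob'), ('a_c'), ('100%')");

// Same idea as search_check, plus escaping of the escape character itself.
// Order matters: the backslash must be doubled before adding new backslashes.
function like_escape(string $s): string {
    return str_replace(['\\', '%', '_'], ['\\\\', '\\%', '\\_'], $s);
}

// Prefix search. The pattern is bound as a parameter, so quoting is never an
// issue; only the wildcard meaning of "_" and "%" remains to be neutralized.
function search_users(PDO $pdo, string $term, bool $escape): array {
    $pattern = ($escape ? like_escape($term) : $term) . '%';
    $st = $pdo->prepare("SELECT name FROM users WHERE name LIKE ? ESCAPE '\\'");
    $st->execute([$pattern]);
    return $st->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed search terms: a normal prefix, a bare wildcard, and literals
// that happen to contain wildcard characters.
foreach (['a', '%', 'a_c', '100%'] as $term) {
    printf("%-6s unescaped: %-22s escaped: %s\n", $term,
        json_encode(search_users($pdo, $term, false)),
        json_encode(search_users($pdo, $term, true)));
}
```

With the bare "%" term the unescaped search returns every row, which is exactly the data-harvesting pattern wildcard escaping is meant to stop; the escaped search returns none, because no name starts with a literal percent sign. The htmlspecialchars call in search_check belongs at output time, not before the query, and is left out here.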
//Form filter function. stripslashes_array, which it calls, is not defined on this page.
function post_check($str, $min = null, $max = null) {
if (isset ( $min ) && strlen ( $str ) < $min) {
die ("Minimum $min bytes");
} else if (isset ( $max ) && strlen ( $str ) > $max) {
die ("Maximum $max bytes");
}
//strlen counts bytes, not characters, so these limits are byte limits for multibyte input
return stripslashes_array ( $str );
}
2. Judgment of string parameters
When the input parameter YY is a string, the original SQL statement in abc.asp is usually roughly:
select * from table name where field='YY', so the following steps test whether SQL injection exists.
①HTTP://xxx.xxx.xxx/abc.asp?p=YY' (with a single quote appended); the SQL statement in abc.asp becomes
select * from table name where field='YY'', and abc.asp runs abnormally (a database error);
②HTTP://xxx.xxx.xxx/abc.asp?p=YY' and '1'='1: abc.asp runs normally, and the result is the same as for HTTP://xxx.xxx.xxx/abc.asp?p=YY;
③HTTP://xxx.xxx.xxx/abc.asp?p=YY' and '1'='2: abc.asp returns a different (typically empty) result.
If all three observations hold, abc.asp almost certainly has a SQL injection vulnerability.
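As an added example that is not part of the original article, the following PHP script replays both the integer probes and the string probes described above against a constructed in-memory SQLite table through PDO (the pdo_sqlite extension is assumed). It places the vulnerable string-concatenated query, which behaves like the abc.asp in the text, beside a parameterized version that the same probes cannot influence:

```php
<?php
// Added example, not the article's code. The injection probes from the text,
// run against a vulnerable query and a parameterized one over constructed data.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE items (id INTEGER, name TEXT)");
$pdo->exec("INSERT INTO items VALUES (1, 'apple'), (2, 'pear')");

// Vulnerable: the parameter is pasted into the SQL text, as in abc.asp.
function vulnerable_int(PDO $pdo, string $p): string {
    try {
        $rows = $pdo->query("SELECT * FROM items WHERE id=$p")->fetchAll();
        return count($rows) . ' row(s)';
    } catch (PDOException $e) {
        return 'SQL error';   // step 1 of the test: the quote breaks the query
    }
}
function vulnerable_str(PDO $pdo, string $p): string {
    try {
        $rows = $pdo->query("SELECT * FROM items WHERE name='$p'")->fetchAll();
        return count($rows) . ' row(s)';
    } catch (PDOException $e) {
        return 'SQL error';
    }
}

// Fixed: the value is validated and then bound, so it can never alter the
// structure of the statement; "1 and 1=1" is simply not an integer.
function safe_int(PDO $pdo, string $p): string {
    if (filter_var($p, FILTER_VALIDATE_INT) === false) {
        return 'rejected';
    }
    $st = $pdo->prepare("SELECT * FROM items WHERE id=?");
    $st->execute([(int) $p]);
    return count($st->fetchAll()) . ' row(s)';
}
// Fixed: a bound string is compared as data; "apple' and '1'='1" is just a
// name that no row has.
function safe_str(PDO $pdo, string $p): string {
    $st = $pdo->prepare("SELECT * FROM items WHERE name=?");
    $st->execute([$p]);
    return count($st->fetchAll()) . ' row(s)';
}

// Constructed probes: the three steps for an integer and for a string parameter.
$intProbes = ["1", "1'", "1 and 1=1", "1 and 1=2"];
$strProbes = ["apple", "apple'", "apple' and '1'='1", "apple' and '1'='2"];
foreach ($intProbes as $p) {
    printf("int %-22s vulnerable: %-10s fixed: %s\n", $p, vulnerable_int($pdo, $p), safe_int($pdo, $p));
}
foreach ($strProbes as $p) {
    printf("str %-22s vulnerable: %-10s fixed: %s\n", $p, vulnerable_str($pdo, $p), safe_str($pdo, $p));
}
```

Against the vulnerable functions the output reproduces the three signals from the text: the lone quote produces a SQL error, the true condition returns the same single row as the plain parameter, and the false condition returns nothing. Against the parameterized functions every probe either is rejected by the whitelist or matches zero rows, which is why prepared statements, rather than keyword blacklists such as inject_check, are the primary defence.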
The injection prevention introduced in this article is relatively comprehensive. You can test it, or come up with better methods.
Source: http://www.bkjia.com/PHPjc/629668.html