Read an interesting article today about yet another thing to worry about. Suppose you verify a UserID and Password with something like this:
select count(UserID) from LoginTest where UserID='$user1' and Pass='$pwd1'
Now suppose some clown gives you a UserID like this:
' or 1=1--
The generated SQL would be
select count(UserID) from LoginTest where UserID='' or 1=1--' and Pass=''
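Since -- is the start of a comment in SQL, everything after it, including the password check, is ignored, and because 1=1 is always true the count comes back non-zero whenever the table has any rows. Someone could easily break into your database and cause problems. Always protect yourself from special characters in user input.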
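The check above, built by string concatenation next to the same check with bound parameters. This is an added example, not code from the original post or the article it mentions; it assumes Python's sqlite3 module with an in-memory database, and the function names and the sample row are made up for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample table using the post's LoginTest column names.
    db = sqlite3.connect(":memory:")
    db.execute("create table LoginTest (UserID text, Pass text)")
    db.execute("insert into LoginTest values ('alice', 's3cret')")
    return db


def login_concat(db, user1, pwd1):
    # Same pattern as the post: user input is pasted into the SQL text,
    # so a quote in user1 ends the string literal and the rest is parsed as SQL.
    sql = ("select count(UserID) from LoginTest "
           "where UserID='" + user1 + "' and Pass='" + pwd1 + "'")
    return db.execute(sql).fetchone()[0] > 0


def login_param(db, user1, pwd1):
    # Placeholders: the SQL text is fixed and the values are bound as data,
    # so quotes and -- inside them are compared literally, never parsed.
    sql = "select count(UserID) from LoginTest where UserID=? and Pass=?"
    return db.execute(sql, (user1, pwd1)).fetchone()[0] > 0


if __name__ == "__main__":
    db = make_db()
    crafted = "' or 1=1--"  # the UserID quoted in the post
    print("concat, crafted UserID:", login_concat(db, crafted, ""))
    print("param,  crafted UserID:", login_param(db, crafted, ""))
    print("param,  real login:    ", login_param(db, "alice", "s3cret"))
```

With bound parameters the crafted UserID is just a string that matches no row, so no character filtering is needed to keep it out of the SQL grammar.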