pradapkumar
asked on
sql injection
What is an SQL Injection Attack / Vulnerability? In my official web site security audit, the following query found SQL Injection Attack / Vulnerability.. How to avoid this. please help urgent.
mysql_query("UPDATE users SET age='$age' WHERE id = '$id'");
thaks in advance.
mysql_query("UPDATE users SET age='$age' WHERE id = '$id'");
thaks in advance.
mysql_query("UPDATE users SET age='$age' WHERE id = '$id'");
If the string $id is "foo' OR 'x'='x", the resulting query will be:
mysql_query("UPDATE users SET age=$age WHERE id = 'foo' OR 'x'='x'");
This will update age of every user, clearly not a good thing.
A safer way of doing this is:
if (get_magic_quotes_gpc()) {
$age = stripslashes($age);
}
mysql_query("UPDATE users SET age='".mysql_real_quote_st
If the string $id is "foo' OR 'x'='x", the resulting query will be:
mysql_query("UPDATE users SET age=$age WHERE id = 'foo' OR 'x'='x'");
This will update age of every user, clearly not a good thing.
A safer way of doing this is:
if (get_magic_quotes_gpc()) {
$age = stripslashes($age);
}
mysql_query("UPDATE users SET age='".mysql_real_quote_st
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks for immediate reply!
SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.