A small sample solution for PHP login injection

Source: Internet
Author: User
Anyone learning PHP has certainly heard of SQL injection. Simply put, it exploits a vulnerability in the back-end SQL code to perform unauthorized operations. For example, a vulnerability in the back-end code can be used to log in to the admin back end: you do not need to know the real user name and password, and can log in successfully just by submitting data through the form. Let's take a user verification example. First, create a database and a data table and insert a record, as shown below:
CREATE TABLE `user` (
  `userid` int(11) NOT NULL auto_increment,
  `username` varchar(20) NOT NULL default '',
  `password` varchar(20) NOT NULL default '',
  PRIMARY KEY (`userid`)
) ENGINE=MyISAM AUTO_INCREMENT=3;
#
# Exported data for table `user`
#
INSERT INTO `user` VALUES (1, 'angel', 'mypass');
The code of the file that verifies the user is as follows:
PHP code:
<?php
$servername = "localhost";
$dbusername = "root";
$dbpassword = "";
$dbname = "injection";
mysql_connect($servername, $dbusername, $dbpassword) or die("Database connection failed");
// $username and $password arrive straight from the request (register_globals)
// and are placed into the SQL string unescaped: this is the injection point.
$sql = "SELECT * FROM user WHERE username='$username' AND password='$password'";
$result = mysql_db_query($dbname, $sql);
$userinfo = mysql_fetch_array($result);
if (empty($userinfo)) {
    echo "Login failed";
} else {
    echo "Login successful";
}
echo "SQL Query: $sql";
?>

At this point, we submit:
http://127.0.0.1/injection/user.php?username=angel' or 1=1
It returns:
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in F:\www\injection\user.php on line 13
Login failed
SQL Query: SELECT * FROM user WHERE username='angel' or 1=1' AND password=''
PHP Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in F:\www\injection\user.php on line 13
Do you see it? The single quotation mark we submitted closes the original one, but the single quotation mark that follows it in the original statement is not commented out, so the quotation marks no longer match. The statement we constructed therefore cannot be executed correctly by MySQL and must be constructed again:
http://127.0.0.1/injection/user.php?username=angel' or '1=1
"Login successful" is displayed, indicating that the operation succeeded. Or submit:
http://127.0.0.1/injection/user.php?username=angel'/*
http://127.0.0.1/injection/user.php?username=angel'%23
In this way, the rest of the statement is commented out. Now for the differences between these kinds of submission. The first one uses a logical operation; this is applied very widely in ASP, so it needs no further explanation. The second and third are based on the characteristics of MySQL, which supports the /* and # comment formats, so submitting them comments out the code that follows. It is worth noting that, due to an encoding problem, a # submitted in the IE address bar becomes empty, so when submitting through the address bar we should submit %23, which becomes #, for the comment to succeed. This is much simpler than the logical operation, and it shows that PHP is more powerful and flexible than ASP.
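The same login check with the query built by concatenation and with bound parameters, run against the user names from the requests above, as an added example that is not part of the original article. It assumes PDO with an in-memory SQLite database in place of the article's MySQL server, so the MySQL-only # request is left out; login_concat and login_prepared are hypothetical names.

```php
<?php
// Added example, not the article's code. Assumption: PDO with an in-memory
// SQLite database stands in for the article's MySQL server so it runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE user (
    userid   INTEGER PRIMARY KEY,
    username TEXT NOT NULL DEFAULT '',
    password TEXT NOT NULL DEFAULT ''
)");
$pdo->exec("INSERT INTO user VALUES (1, 'angel', 'mypass')");

// The article's pattern: request input is pasted into the SQL text.
function login_concat(PDO $pdo, string $username, string $password): string
{
    $sql = "SELECT * FROM user WHERE username='$username' AND password='$password'";
    try {
        $row = $pdo->query($sql)->fetch(PDO::FETCH_ASSOC);
    } catch (PDOException $e) {
        return 'query error';   // unbalanced quote, as in the article's first request
    }
    return $row ? 'login successful' : 'login failed';
}

// Hardened form: the SQL text is fixed and the values are bound as data,
// so quotes and comment markers in the input never reach the SQL parser.
function login_prepared(PDO $pdo, string $username, string $password): string
{
    $stmt = $pdo->prepare('SELECT * FROM user WHERE username = ? AND password = ?');
    $stmt->execute([$username, $password]);
    return $stmt->fetch(PDO::FETCH_ASSOC) ? 'login successful' : 'login failed';
}

// User names from the article's requests (no password sent), plus a real login.
$cases = [
    ["angel' or 1=1", ''],
    ["angel' or '1=1", ''],
    ["angel'/*", ''],
    ['angel', 'mypass'],
];
foreach ($cases as [$u, $p]) {
    printf("%-16s concat: %-17s prepared: %s\n",
        $u, login_concat($pdo, $u, $p), login_prepared($pdo, $u, $p));
}
```

With bound parameters only the last case logs in; the concatenated query also accepts the second and third, and fails with a query error on the first.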

Original address: http://www.phpnewer.com/index.php/Dmaq/detail/id/202

------ Solution --------------------
Haha
------ Solution --------------------
Thanks for sharing
------ Solution --------------------
The article is too old and out of date!
------ Solution --------------------
The article published yesterday is outdated ???

Discussion

The article is too old and out of date!

------ Solution --------------------
It is indeed an old method, and you can easily block these annotators; and the information output in case of errors
However, you can try websites that are not strictly checked.
------ Solution --------------------
How can I filter out single quotes?
------ Solution --------------------
I have seen this before.
This is only a single GET commit method. There is also the POST submission method

------ Solution --------------------
This advertisement male keeps advertising.
------ Solution --------------------
It seems that many of them are blocked now.
------ Solution --------------------
Fortunately, I want to participate.
