Addslashes and other ways to clear the blanks are unsafe.

Source: Internet
Author: User
Tags sql injection attack

The way to clear whitespace is unsafe, in part because there are a lot of spaces in the characters, such as "The problem with addslashes is that hackers can use 0xbf27 instead of single quotes, and addslashes just modifies 0xbf27 to 0xbf5c27 to become a valid multibyte character , the 0xbf5c will still be considered as single quotes, so addslashes cannot intercept successfully. "

It is best to follow the specific parameters required to verify that the calibration is an int, etc., plus the parameters of the database operation method. In fact, this is the database of SQL problem, should be from the source database itself to solve, but some database slip to provide the corresponding method.

--------------------------------------------------

PHP several anti-SQL injection attack self-bringing function differences
2010-12-24 13:09:22

SQL injection attacks are the most common means by which hackers attack websites. If your site does not use strict user input validation, it is often vulnerable to SQL injection attacks. SQL injection attacks are typically implemented by submitting bad data or query statements to the site database, which is likely to expose, change, or delete records in the database.

In order to prevent SQL injection attacks, PHP comes with a function to process the input string, the input can be in the lower level of security preliminary processing, also known as Magic Quotes. (PHP.ini MAGIC_QUOTES_GPC). If the MAGIC_QUOTES_GPC option is enabled, then the single quotation marks, double quotes, and some other characters in the input string are automatically prefixed with backslashes.

But Magic quotes is not a very general solution, it does not block all potentially dangerous characters, and magic quotes is not enabled on many servers. So there are a number of other ways we need to prevent SQL injection.

Many databases themselves provide this input data processing capability. For example, PHP's MySQL operator function has functions such as addslashes (), mysql_real_escape_string (), mysql_escape_string (), which can escape special characters and characters that may cause errors in database operations. So what's the difference between these three function functions? Let's go over the details below.

Although many PHP programmers in the country still rely on addslashes to prevent SQL injection, it is recommended to strengthen Chinese to prevent SQL injection check. The problem with addslashes is that hackers can use 0xbf27 instead of single quotes, and addslashes just modifies 0xbf27 to 0xbf5c27 as a valid multibyte character, where 0xbf5c is still considered a single quote, So addslashes can't intercept successfully.

Of course addslashes is not useless, it is used for single-byte string processing, multibyte characters or mysql_real_escape_string bar.

Another example of GET_MAGIC_QUOTES_GPC in the PHP manual:
if (!GET_MAGIC_QUOTES_GPC ()) {
$lastname = addslashes ($_post[' LastName ');
} else {
$lastname = $_post[' LastName ');
}
It is best to check the $_post[' LastName ' If the MAGIC_QUOTES_GPC is already open.

Again, the difference between the 2 functions of mysql_real_escape_string and mysql_escape_string:
Mysql_real_escape_string must be used in cases (PHP 4 >= 4.3.0, PHP 5). Otherwise you can only use mysql_escape_string, the difference between the two is: Mysql_real_escape_string consider the current character set of the connection, and mysql_escape_string not consider.

To summarize:

* Addslashes () is forcibly added;
* Mysql_real_escape_string () will determine the character set, but the PHP version is required;
* Mysql_escape_string does not consider the current character set of the connection.

The prevention of SQL injection in DZ is to use the Addslashes function, while there are some substitutions in dthmlspecialchars this function $string = Preg_replace (/& ]{4}));)/, &\1, this substitution solves the problem of injection, but also solves some problems of Chinese garbled

Addslashes and other ways to clear the blanks are unsafe.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.