Analysis of SQL injection prevention method in PHP login

Source: Internet
Author: User
Tags foreach sql injection sql injection prevention

To prevent SQL injection these details are usually in the effect of a programmer or a novice programmer, they did not have the data submitted by the user to do some very filter so as to cause the test for everyone to break your database, the following I come to a simple user login is not a security configuration may occur in the SQL injection method, Let's take a look below.

For example, the following section of the login code:

The code is as follows

if ($l = @mysql_connect (' localhost ', ' root ', ' 123 ')) or Die (' Database connection failed ');

mysql_select_db (' Test ');

Mysql_set_charset (' UTF8 ');

$sql = ' SELECT * FROM test where username = ' $username ' and password = ' $password ';

$res = mysql_query ($sql);

if (mysql_num_rows ($res)) {

Header (' location:./home.php ');

}else{

Die (' input error ');

}

Note that the above SQL statements, there are great security risks, if the use of the following universal password and universal username, you can easily access the page:

The code is as follows

1. $sql = ' SELECT * FROM test where username = "* * *" and password = "* * *" or 1 = "1" ";

Obviously, the universal password for this SQL statement is: * * * * "or 1 =" 1

The code is as follows

2. $sql = ' SELECT * FROM test where username = "* *" union SELECT * "users/*" and password = "* *";

Forward slash * means that the following does not execute, MySQL support Union union query, so directly query all data; So the universal username for this SQL statement is: * * * "UNION SELECT * FROM users/*

However, this injection is only for SQL statements in code, if

The code is as follows
$sql = "SELECT * FROM Test where username = $username and password = $password";

The above injection has at least no use, but the method is the same;

After using PDO, SQL injection can be completely avoided, and in this fast-developing era, the framework is rampant and there is no need to think too much about SQL injection problems.

Two prevent SQL registration functions are sorted below

The code is as follows

/* Filter all get over variable * *
foreach ($_get as $get _key=> $get _var)
{
if (Is_numeric ($get _var)) {
$get [Strtolower ($get _key)] = Get_int ($get _var);
} else {
$get [Strtolower ($get _key)] = Get_str ($get _var);
}
}
* * Filter all post variables.
foreach ($_post as $post _key=> $post _var)
{
if (Is_numeric ($post _var)) {
$post [Strtolower ($post _key)] = Get_int ($post _var);
} else {
$post [Strtolower ($post _key)] = Get_str ($post _var);
}
}
/* Filter Function * *
Integer Filter function
function Get_int ($number)
{
Return Intval ($number);
}
string-Type Filter functions
function Get_str ($string)
{
if (!GET_MAGIC_QUOTES_GPC ()) {
Return addslashes ($string);
}
return $string;
}

And some bloggers will write that.

  code is as follows &nbs P;

<?php   
function Post_check ($post)  

if (!GET_MAGIC_QUOTES_GPC ())//To determine if MAGIC_QUOTES_GPC is open  

$post = Addslashes ($post); /Do not open the MAGIC_QUOTES_GPC of the data submitted to the filter  

$post = Str_replace ("_", "\_", $post);//Filter out ' _ '  
$p ost = Str_replace ("%", "\%", $post); Filter out the '% '  
$post = nl2br ($post);//carriage return conversion  
$post = Htmlspecialchars ($post);//HTML markup conversion  
Retur n $post;  

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.