This article mainly introduces how to prevent SQL injection during PHP login. For more information, see
Programmers in general, and novices in particular, who run into SQL injection problems usually do not filter the data submitted by users; as a result, the database is compromised the moment someone tries. Below we briefly walk through an SQL injection that can occur at login when no security measures are in place.
For example, take the following login code:
```php
<?php
// Note: the mysql_* extension used here was removed in PHP 7; it is kept as the article shows it.
$l = @mysql_connect('localhost', 'root', '000000') or die('database connection failed');
mysql_select_db('test');
mysql_set_charset('utf8');

// User-submitted values are used without any filtering (assumed to come from the login form).
$username = $_POST['username'];
$password = $_POST['password'];

// The values are spliced directly into the SQL text, which is what makes this injectable.
$sql = "select * from test where username = \"$username\" and password = \"$password\"";
$res = mysql_query($sql);
if (mysql_num_rows($res)) {
    header('location: ./home.php');
} else {
    die('incorrect input');
}
```
Note that the preceding SQL statement carries a serious security risk. With the following universal password or universal user name, anyone can reach the page:
```php
$sql = 'select * from test where username = "***" and password = "***" or 1 = "1"';
```
Obviously, the universal password for this statement is: ***" or 1="1
```php
$sql = 'select * from test where username = "***" union select * from users/* and password = "***"';
```
The /* opens a comment, so the rest of the query is not executed; since MySQL supports union queries, all the data is queried directly. The universal user name for this statement is therefore: ***" union select * from users /*
However, this injection only works when the SQL statement in the code quotes its values. If the statement is written as
```php
$sql = "select * from test where username = $username and password = $password";
```
the payloads above will not work as written, but the method is the same.
With PDO prepared statements, this kind of SQL injection can be avoided entirely. In this era of rapid development, frameworks are everywhere and you rarely need to worry much about SQL injection yourself.
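As an added example (not the article's own code), here is the login above rewritten with a PDO prepared statement. The table and column names (test, username, password) and the connection credentials follow the article; the DSN options and the $_POST field names are assumptions.

```php
<?php
// Added example, not from the original article: the same login query,
// rewritten so that user input is never spliced into the SQL text.

function login_user(PDO $db, string $username, string $password): bool
{
    // Named placeholders are sent to MySQL separately from the statement text,
    // so a value containing quotes or SQL keywords is compared as a plain
    // string and never parsed as part of the query.
    $stmt = $db->prepare(
        'SELECT 1 FROM test WHERE username = :username AND password = :password'
    );
    $stmt->execute([
        ':username' => $username,
        ':password' => $password,
    ]);
    return $stmt->fetch(PDO::FETCH_ASSOC) !== false;
}

try {
    // DSN and options are assumptions; credentials are the ones the article uses.
    $db = new PDO('mysql:host=localhost;dbname=test;charset=utf8mb4', 'root', '000000', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false, // use server-side prepared statements
    ]);
} catch (PDOException $e) {
    die('database connection failed');
}

// Assumed form field names.
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';

if (login_user($db, $username, $password)) {
    header('Location: ./home.php');
    exit;
}
die('incorrect input');
```

With emulated prepares disabled, the statement text and the bound values travel to the server separately, so none of the escaping functions shown later on this page are needed for the query itself.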
Below are two functions for preventing SQL injection:
```php
<?php
/* filter functions */
// Note: get_magic_quotes_gpc() was removed in PHP 8.0, and addslashes() escapes quotes
// but is not a substitute for prepared statements; the code is kept as the article shows it.

// integer filter function
function get_int($number)
{
    return intval($number);
}

// string filter function
function get_str($string)
{
    if (!get_magic_quotes_gpc()) {
        return addslashes($string);
    }
    return $string;
}

$get = [];
$post = [];

/* filter all GET variables */
foreach ($_GET as $get_key => $get_var) {
    if (is_numeric($get_var)) {
        $get[strtolower($get_key)] = get_int($get_var);
    } else {
        $get[strtolower($get_key)] = get_str($get_var);
    }
}

/* filter all POST variables */
foreach ($_POST as $post_key => $post_var) {
    if (is_numeric($post_var)) {
        $post[strtolower($post_key)] = get_int($post_var);
    } else {
        $post[strtolower($post_key)] = get_str($post_var);
    }
}
```
Some blogs also write it this way:
```php
<?php
function post_check($post)
{
    if (!get_magic_quotes_gpc()) {         // check whether magic_quotes_gpc is enabled
        $post = addslashes($post);         // escape submitted data when magic_quotes_gpc is off
    }
    $post = str_replace("_", "\_", $post); // escape '_' (a LIKE wildcard)
    $post = str_replace("%", "\%", $post); // escape '%' (a LIKE wildcard)
    $post = nl2br($post);                  // convert newlines to <br>
    $post = htmlspecialchars($post);       // convert HTML special characters
    return $post;
}
?>
```