Everyone good a few days ago to do a website considering I did not do SQL anti-injection these days to see some of the cases listed on my own website but did not respond now ask me to write how to build SQL code to be injected?
The main statement is this.
Include ". /admin/connss.php ";
$id =$_get[id];
$sql =mysql_query ("SELECT * from news where id= ' $id '");
$row = Mysql_fetch_array ($sql);
?>
Everything else is displayed. I feel like I didn't do the filtering. This should be injected, but I tried some methods.
Thank you
Reply to discussion (solution)
Addslashes or mysql_real_escape_string can escape the field to prevent injection
Addslashes or mysql_real_escape_string can escape the field to prevent injection
Excuse me, if I use MySQL database, just mysql_real_escape_string, do not do other operations can prevent MySQL injection?
Connect with PDO, mysql_real_escape_string in the new version of PHP has been abandoned, addslashes is not reliable.
Addslashes or mysql_real_escape_string can escape the field to prevent injection
I mean, how do you build a SQL injection for this piece of code? Thank you
But is it true that you can't inject it? What do you want?
But is it true that you can't inject it? What do you want?
Remove the double quotes yourself.
Include ". /admin/connss.php ";
$id =intval ($_get[id]);
$sql =mysql_query ("SELECT * from news where id= ' $id '");
$row = Mysql_fetch_array ($sql);
?>
Add a 0 to the back.