In-depth understanding of SQL injection and SQL
1. What is SQL injection )?
SQL injection is an attack method that adds SQL code to input parameters and passes it to the SQL Server for parsing and execution.
2. How to generate it?
Web developers cannot ensure that all input is filtered
Attackers use the input data sent to the SQL Server to construct executable SQL code.
The database does not have the corresponding Security Configuration
3. How to Find SQL vulnerabilities?
Recognize all input points in a web application
What types of requests will trigger exceptions? (Special Character "or ')
Detect exceptions in Server Response
4. How to launch SQL injection attacks?
Digital Injection:
Select * from tablename where id = 1 or 1 = 1;
String injection:
Note feature of Mysql:
# And -- are commented out, regardless of what password is entered, can be correctly queried. Click here to enter the image description
5. How to Prevent SQL injection?
Strictly check the input format: is_numeric (var), tp5 validate verification, and string injection using regular expressions to check whether the value is between [A-Za-z ].
Escape: addslashes (str ),
Escape the mysqli_escape_string () function
6. MySQLi pre-compilation Mechanism
Parameterized binding
Parameterized binding prevents another barrier of SQL injection. Php MySQLi and PDO provide such functions. For example, you can query MySQLi as follows:
PDO is more convenient, such: