PHP Code Web site to prevent SQL Injection vulnerability attack recommendations

All webmasters will be concerned about the security of the site. When it comes to security, you have to talk about SQL injection attacks (SQL injection). Hackers can get access to the website database through SQL injection, then they can get all the data in the database of the website, the malicious hacker can manipulate the data in the database through SQL injection function and even destroy the data in the database. As a web developer, you hate this kind of hacker behavior, and of course it's important to understand how SQL injects this functionality and learn how to protect your Web site database with code. Today, for example, using PHP and MySQL databases, share what I've learned about SQL injection attacks and some simple precautions and some tips on how to avoid SQL injection attacks.

What is SQL injection (SQL injection)?

In simple terms, SQL injection uses code vulnerabilities to get data from a Web site or an SQL database in the background of an application, thereby gaining access to the database. For example, hackers can use the site code vulnerabilities, using SQL injection method to obtain a company web site in the background of all the data information. After you get the database administrator login username and password, the hacker is free to modify the contents of the database or even delete the database. SQL injection can also be used to verify the security of a Web site or application. There are many ways to inject SQL, but this article will only discuss the most basic principles, and we'll take PHP and MySQL for example. The example in this article is simple, and if you understand it in other languages it won't be difficult, focus on the SQL command.

A simple SQL injection attack case

If we have a company web site, in the site's background database to keep all the customer data and other important information. If there is such a command in the code of the website login page to read the user information.

?

$q = "Select ' id ' from ' users ' WHERE ' username ' = '". $_get[' username ']. " ' and ' password ' = '. $_get[' password '. ' ";

?>

Now that a hacker wants to attack your database, he will try to enter the following code in the User name input box on this login page:

' ; Show TABLES;

Click on the login key, this page will display all the tables in the database. If he now uses the following line of command:

'; DROP TABLE [table name];

So he deleted a table!

Of course, this is just a very simple example, the actual SQL injection method is much more complex than this, hackers are willing to spend a lot of time to try to attack your code. Some program software can also automatically try to keep trying SQL injection attacks. Once you understand the attack principle of SQL injection, let's take a look at how to guard against SQL injection attacks.

Preventing SQL injection-using the mysql_real_escape_string () function

Use this function mysql_real_escape_string () in the code of the database operation to filter out special characters in the code, such as quotes. The following example:

?

$q = "Select ' id ' from ' users ' WHERE ' username ' = '". Mysql_real_escape_string ($_get[' username '). " ' and ' password ' = '. mysql_real_escape_string ($_get[' password '). " ' ";

?>

Preventing SQL injection-using the mysql_query () function

mysql_query () in particular it will execute only the first of the SQL code, and the latter will not be executed. Recall that in the first example, the hacker executed several SQL commands in the background by code, showing the names of all the tables. So the mysql_query () function can take the role of further protection. We further evolve the code just now to get the following code:

?

Connection

$database = mysql_connect ("localhost", "username", "password");

DB selection

mysql_select_db ("Database", $database);

$q = mysql_query ("SELECT" id ' from ' users ' WHERE ' username ' = ' ". Mysql_real_escape_string ($_get[' username '])." ' and ' password ' = '. mysql_real_escape_string ($_get[' password '). " ' ", $database);

?>

In addition, we can also judge the length of the input value in the PHP code, or use a function to check the input value. Therefore, in the acceptance of user input values must do a good job of filtering and checking the input content. Of course, learning and understanding the latest SQL injection is also very important, so as to achieve purposeful prevention. If you are using a platform-style Web site system such as WordPress, be careful to make an official patch or upgrade to a new version in a timely fashion. If there is something wrong or not understood please leave a comment in the comments area. Article from Guangzhou website construction: http://www.gscpp.net reprint please keep the link!