Home > Developer > PHP

Php website SQL injection vulnerability solution

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
Php website SQL injection vulnerabilities I used 360 online tools to detect vulnerabilities & nbsp; detected minor SQL Injection Vulnerabilities & nbsp; use the open source code shown in the 360 prompt, but the installation is always unsuccessful & nbsp; ask the master & nbsp; to help solve the HA SQL injection vulnerability. Php website SQL Injection Vulnerability


I used the 360 online tool to detect the vulnerability and found a slight SQL Injection Vulnerability. I used the open source code shown in the 360 prompt to put it in, but the installation was always unsuccessful. could you help me solve the HA SQL injection vulnerability. I don't know how to get started yet .. Share SQL injection php:
------ Solution --------------------
You can directly look at the repair solution.
------ Solution -------------------- 
Fatal error: Call to undefined method NodeNav::GetCounter() in E:\www\ECMS\Template_c\Template@gfx_gov@wsbs@list_zxft.htm on line 158

First, it should be NodeNav.
As prompted, open the program and modify it one by one.
------ Solution --------------------
It mainly involves backslash, single double quotation marks, and data filtering,
------ Solution --------------------
Quick Solution: Use a host of higher quality (such as HiChina )! Otherwise, even if you have no problems with the program, your website will still be injected!

------ Solution --------------------
Reference:
Quick Solution: Use a host of higher quality (such as HiChina )! Otherwise, even if you have no problems with the program, your website will still be injected!


May I hear more
------ Solution --------------------
Reference:
Quote: reference:

Quick Solution: Use a host of higher quality (such as HiChina )! Otherwise, even if you have no problems with the program, your website will still be injected!


May I hear more


If you use a virtual host, you can use one host for multiple websites. This is often the case if your website is secure but not on the same host.
------ Solution --------------------
Reference:
Quote: reference:

Quote: reference:

Quick Solution: Use a host of higher quality (such as HiChina )! Otherwise, even if you have no problems with the program, your website will still be injected!


May I hear more


If you use a virtual host, you can use one host for multiple websites. This is often the case if your website is secure but not on the same host.

Look at this, buddy.
PHP websites are vulnerable to the following attacks:
1. Command Injection)

2. eval Injection)

3. Script Insertion)

4. Cross-Site Scripting (XSS)

5. SQL injection attacks)

6. Cross-Site Request forgery (CSRF)

7. Session Hijacking)

8. Session Fixation)

9. HTTP Response Splitting attack (HTTP Response Splitting)

10. File Upload Attack)

11. Directory Traversal vulnerability (Directory Traversal)

12. Remote file Inclusion attack)

13. Dynamic function injection (Dynamic Variable Evaluation)

14. URL attack)

15. Form submission spoofing attack (Spoofed Form Submissions)

16. HTTP request spoofing attack (Spoofed HTTP Requests)
------ Solution --------------------
Reference:
Quote: reference:

Quote: reference:

Quote: reference:

Quick Solution: Use a host of higher quality (such as HiChina )! Otherwise, even if you have no problems with the program, your website will still be injected!


May I hear more


If you use a virtual host, you can use one host for multiple websites. This is often the case if your website is secure but not on the same host.

Look at this, buddy.
PHP websites are vulnerable to the following attacks:
1. Command Injection)

2. eval Injection)

3. Script Insertion)

4. Cross-Site Scripting (XSS)

5. SQL injection attacks)

6. Cross-Site Request forgery (CSRF)

7. Session Hijacking)

8. Session Fixation)

9. HTTP Response Splitting attack (HTTP Response Splitting)

10. File Upload Attack)

11. Directory Traversal vulnerability (Directory Traversal)

12. Remote file Inclusion attack)

13. Dynamic function injection (Dynamic Variable Evaluation)

14. URL attack)

15. Form submission spoofing attack (Spoofed Form Submissions)

16. HTTP request spoofing attack (Spoofed HTTP Requests)


This is PHP. if the server host is not properly shut down at 1st, how can this be used?
------ Solution --------------------
Use PDO whenever possible.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More