Solve SQL injection backslash with PHP function

Source: Internet
Author: User
What are Magic Quotes

When turned on, all ' (single quotes), " (double quotes), \ (backslashes) and NUL characters are automatically escaped with a backslash. This is exactly what the addslashes() function does.

There are three magic quote directives in total:

magic_quotes_gpc affects HTTP request data (GET, POST and cookies). It cannot be changed at run time, and its default value in PHP is on. See get_magic_quotes_gpc().

magic_quotes_runtime: if on, most functions that read data from an external source and return it, including from databases and text files, have that data escaped with backslashes. This option can be changed at run time, and its default value in PHP is off. See set_magic_quotes_runtime() and get_magic_quotes_runtime().

magic_quotes_sybase: if on, single quotes are escaped with a single quote instead of a backslash. This option completely overrides magic_quotes_gpc: if both options are on, single quotes are escaped as '' and double quotes, backslashes and NUL characters are not escaped. To read its value, see ini_get().


addslashes - quote a string with backslashes

Description

string addslashes(string $str)

Returns a string with a backslash added before each character that needs to be escaped in a database query statement. These characters are the single quote ('), the double quote ("), the backslash (\) and NUL (the NULL byte).

A typical use of addslashes() is when you are about to enter data into a database. For example, to insert the name O'Reilly into a database it needs to be escaped. Most databases use \ as the escape character, giving O\'Reilly; the database then stores the data without the extra \. When the PHP directive magic_quotes_sybase is set to on, ' is instead escaped as ''.

By default the PHP directive magic_quotes_gpc is on, and it essentially runs addslashes() on all GET, POST and COOKIE data automatically. Do not use addslashes() on strings that have already been escaped by magic_quotes_gpc, because this results in a second layer of escaping. You can use the function get_magic_quotes_gpc() to detect this situation.

stripslashes

(PHP 4, PHP 5)

stripslashes - un-quote a string quoted with addslashes()

Description

string stripslashes(string $str)

Un-quotes a quoted string.

Note: if magic_quotes_sybase is on, no backslashes are stripped off; instead, each pair of apostrophes is replaced by a single one.
SQL injection was a notorious problem on ASP, and well-known PHP programs have "died" from it as well. As for the details of SQL injection, there are so many articles on the Internet that we won't repeat them here.
If magic_quotes_gpc in the php.ini of your web space is set to off, PHP does not prefix sensitive characters with a backslash (\). Because content submitted from a form may contain sensitive characters such as single quotes ('), this results in an SQL injection vulnerability. In that case we can use addslashes() to solve the problem: it automatically adds a backslash before each sensitive character.
However, the above method only applies when magic_quotes_gpc=off. As a developer you don't know whether each user's magic_quotes_gpc is on or off, and if you run addslashes() on all data regardless, aren't you "punishing the innocent"? Let's look at what happens when magic_quotes_gpc=on and addslashes() is applied on top:

<?php
// Suppose the form submitted a variable $_POST['message'] whose content is Tom's book
// Add the code that connects to the MySQL database here; write it yourself

// Put a backslash before each sensitive character in $_POST['message']
$_POST['message'] = addslashes($_POST['message']);

// Because magic_quotes_gpc=on, a backslash had already been added before the
// sensitive character, so the value is now escaped twice
$sql = "INSERT INTO msg_table VALUES ('{$_POST['message']}');";

// Send the query to save the content in the database
$query = mysql_query($sql);

// If you fetch this record from the database and output it, you will see Tom\'s book
?>

In this case, in a magic_quotes_gpc=on environment, every single quote (') in the input has already become \' before our code runs, and addslashes() then escapes it a second time...
In fact we can use the get_magic_quotes_gpc() function to solve this problem easily. It returns true when magic_quotes_gpc=on and false when magic_quotes_gpc=off. By now many people will have realised that this solves the problem. Look at the code:

<?php
// If magic_quotes_gpc=off, add a backslash before the sensitive characters in the submitted $_POST['message'];
// if magic_quotes_gpc=on, they have already been added, so nothing needs to be done
if (!get_magic_quotes_gpc()) {
    $_POST['message'] = addslashes($_POST['message']);
}
?>

Strictly speaking, the problem is solved at this point. Here is one more small trick.
Sometimes a form submits more than one variable; there can be ten or even dozens of them. Copying and pasting addslashes() over and over is a bit of a hassle, isn't it? Since the data obtained from a form or URL comes as an array (such as $_POST or $_GET), we can write a function that handles the whole array at once:

<?php
function quotes($content)
{
    // If magic_quotes_gpc=off, start processing
    if (!get_magic_quotes_gpc()) {
        // Determine whether $content is an array
        if (is_array($content)) {
            // If $content is an array, process each element individually
            // (calling quotes() again also handles nested arrays such as name[])
            foreach ($content as $key => $value) {
                $content[$key] = quotes($value);
            }
        } else {
            // If $content is not an array, process it just once
            $content = addslashes($content);
        }
    }
    // If magic_quotes_gpc=on, nothing needs to be done
    // Return $content
    return $content;
}
?>
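As an added example that is not part of the article, the following Python models PHP's addslashes()/stripslashes() semantics and the magic_quotes_gpc pipeline, so the double escaping shown in the first snippet and the conditional quotes() fix can be reproduced offline; the quotes() here also recurses into nested arrays, which goes beyond the article's flat loop.

```python
# Constructed Python model of the PHP behaviour described above (not PHP, not
# the article's code); dicts stand in for PHP arrays.

def addslashes(s: str, sybase: bool = False) -> str:
    """PHP addslashes(): backslash-escape ' " \\ and write NUL as \\0;
    with magic_quotes_sybase on, only ' is escaped, and as ''."""
    if sybase:
        return s.replace("'", "''")
    out = []
    for ch in s:
        if ch == "\x00":
            out.append("\\0")
        elif ch in "'\"\\":
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)

def stripslashes(s: str, sybase: bool = False) -> str:
    """PHP stripslashes(): remove one layer of addslashes() escaping;
    in sybase mode '' collapses to ' and backslashes are left alone."""
    if sybase:
        return s.replace("''", "'")
    out, i = [], 0
    while i < len(s):
        if s[i] == "\\":
            if i + 1 < len(s):
                out.append("\x00" if s[i + 1] == "0" else s[i + 1])
            i += 2  # a trailing lone backslash is dropped, as in PHP
        else:
            out.append(s[i])
            i += 1
    return "".join(out)

def quotes(content, magic_quotes_gpc: bool):
    """The article's quotes(): escape only when magic quotes did not already;
    recurses into nested arrays, which the article's flat loop does not."""
    if magic_quotes_gpc:
        return content
    if isinstance(content, dict):
        return {k: quotes(v, False) for k, v in content.items()}
    return addslashes(content)

def stored_value(raw: str, magic_quotes_gpc: bool, handler) -> str:
    """PHP fills $_POST (escaping when magic_quotes_gpc is on), `handler` runs,
    then the database strips one escape layer (approximated by stripslashes)."""
    post = addslashes(raw) if magic_quotes_gpc else raw
    return stripslashes(handler(post, magic_quotes_gpc))
```

With magic_quotes_gpc on and an unconditional addslashes() handler, stored_value("Tom's book", ...) comes back as Tom\'s book, exactly the symptom the first snippet describes, while quotes() returns Tom's book in both modes. Bear in mind that addslashes() is charset-unaware and is not a substitute for parameterised queries, and that magic quotes were removed in PHP 5.4 and get_magic_quotes_gpc() in PHP 8.0.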
