Archive for October, 2009

Protect your script from SQL String Injections

Friday, October 23rd, 2009

What is an SQL Injection

An SQL injection is an attack that manipulates a website's database through crafted input. It may read a password you don't want shared, or simply overwrite data in the database.

This tutorial explains how an SQL injection works and how to avoid this type of attack.

String Injections

Let's imagine a piece of PHP that retrieves the age of a member on your forum. To do this, the script reads the value from $_GET and passes it into a database query.

The code may look like this:

// Unsafe: the raw request parameter is placed directly into the query string.
$age = $_GET['age'];
$requete = mysql_query("SELECT age FROM members WHERE age = '$age'");

This is a dangerous piece of code. Because the value of $_GET['age'] is dropped straight into the query, a visitor could supply something other than an age and, instead of the age, ask the database for that user's password!

String Injections Protection

It's not that difficult to protect yourself from this attack. All it takes is switching out a little code.

Instead of using $_GET['age'] directly, pass it through mysql_real_escape_string() first.
The code from above changes to:

// The escaping function quotes any characters that would otherwise end the string literal.
$age = mysql_real_escape_string($_GET['age']);
$requete = mysql_query("SELECT age FROM members WHERE age = '$age'");

Your PHP script is now secure against this type of string injection!
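As an added example, not code from the original post: the same age lookup written with a PDO prepared statement, which keeps the value out of the SQL text entirely, whereas mysql_real_escape_string() only helps when the value sits inside quotes in the query. It assumes PHP's PDO SQLite driver standing in for the forum's MySQL server, with constructed sample rows in the members table.

```php
<?php
// Added example, not the original post's code: the same age lookup done with
// a PDO prepared statement, so the value never becomes part of the SQL text.
// Assumption: an in-memory SQLite database stands in for the forum's MySQL
// server; the `members` rows below are constructed sample data.

function fetchAge(PDO $pdo, array $query): ?int
{
    // Validate first: an age must be an integer. Anything else is rejected
    // before it reaches the database (a layer on top of parameter binding).
    $age = isset($query['age']) ? filter_var($query['age'], FILTER_VALIDATE_INT) : false;
    if ($age === false) {
        return null;
    }

    // The ? placeholder is bound separately from the statement text, so
    // whatever the client sent cannot change the query's structure.
    $stmt = $pdo->prepare('SELECT age FROM members WHERE age = ?');
    $stmt->bindValue(1, $age, PDO::PARAM_INT);
    $stmt->execute();

    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : (int) $row['age'];
}

// Constructed sample database so the example runs without a MySQL server.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE members (name TEXT, age INTEGER, password TEXT)');
$insert = $pdo->prepare('INSERT INTO members (name, age, password) VALUES (?, ?, ?)');
$insert->execute(['alice', 31, 'hashed-placeholder']);
$insert->execute(['bob', 27, 'hashed-placeholder']);

// A well-formed request returns the member's age; a request whose age
// parameter carries a stray quote fails validation and never reaches the query.
var_dump(fetchAge($pdo, ['age' => '31']));
var_dump(fetchAge($pdo, ['age' => "31'"]));
```

With a real MySQL connection, swap the DSN for the mysql: one and disable PDO::ATTR_EMULATE_PREPARES so the server itself performs the parameter binding.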