MySql Injection and Tips | Lessoncup Programming Blog

Wednesday, 27 November 2013

MySql Injection and Tips

Hi, today i going to tell you about MySql Injections most of the developers do not aware of this but it is important to know, basically the injection is a SQL statement were user can write the sql query's and send to database with your given form, and the query send to your database and play football to your database. and this things will happen without your knowledge. to avoid this problems form hackers PHP has a secured function to get secured from this attacks. 




see the bellow difference between MySql Normal and Injected Statements
<?php

mysql_query("select * from users where name='lessoncup'");

// the above query fetch the matched records..

mysql_query("select * from users where name=' OR 1'");

// the above query is injected query and selects all data from users table

?>
by default the string part of MySql query ends with ('') single quotation marks like name =' ' and the injected query's attacks based on query,

we have seen in the above injected query like '  OR 1' what is it mean, generally OR cause of 1 and it will always be true and query takes the string like

  • name = ' ' OR 1

it means the attacker is not providing any username in the field and getting all information from users table by using OR 1 to stop this Injected query's from attackers the PHP providing mysql_real_escape_string() function, the usage of  function is take a string what ever you enter in filed it will replace the quotes(') an escaped quote \'.
<?php

$name = " OR 1";

$name = mysql_real_escape_string($name);

mysql_query("select * from users where name='$name'");

?>
in the above query we have used mysql_real_escape_string() function to name variable, if the attacker attempt to give any bad query in input, this function will convert the evil quotes have been escaped with a backslash
  • name = '\' OR 1\''

finally what i am going to say is use mysql_real_escape_string() to every input which you are getting data from browser and make safe development

2 comments :

  1. 1) use pdo to prevent sql injection
    2)validate the user inputs
    3)provide limited access to users with specific permissions in mysql db users!

    ReplyDelete
  2. WHERE CAN I GET VIDEOS FOR THIS GUYS...LINK PLEASE!!

    ReplyDelete

Mohammad Khasim
Blogger | Web Developer
Hyderabad - INDIA
lessoncup@gmail.com

PHP | My SQL | JQUERY
Web Development Tools | CMS | Frameworks | SEO

Get my Latest Lessons