Added simple SQL injection example

It's possible (read: highly probable) newer developers will not understand a SQL injection vulnerability without a real example.
This commit is contained in:
Brian Nesbitt
2012-08-04 00:05:08 -03:00
parent 1bfe89a277
commit 1cba4665d6


@@ -36,8 +36,10 @@ $pdo = new PDO('sqlite:users.db');
$pdo->query("SELECT name FROM users WHERE id = " . $_GET['id']); // <-- NO! $pdo->query("SELECT name FROM users WHERE id = " . $_GET['id']); // <-- NO!
{% endhighlight %} {% endhighlight %}
This is terrible code. You are inserting a raw query parameter into a SQL query. This will get you hacked in a heartbeat. Instead, This is terrible code. You are inserting a raw query parameter into a SQL query. This will get you hacked in a
you should sanitize the ID input using PDO bound parameters. heartbeat. Just imagine if a hacker passes in an inventive `id` parameter by calling a URL like
`http://domain.com/?id=1%3BDELETE+FROM+users`. This will set the `$id` variable to `id=1;DELETE FROM users`
which will delete all of your users! Instead, you should sanitize the ID input using PDO bound parameters.
{% highlight php %} {% highlight php %}
<?php <?php
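Review bot: the added sentence "This will set the `$id` variable to `id=1;DELETE FROM users`" does not match the code above it, which reads `$_GET['id']` directly and has no `$id` variable; with the URL shown, `$_GET['id']` is `1;DELETE FROM users` (the `id=` is the query-string key, not part of the value), so the string handed to `query()` becomes `SELECT name FROM users WHERE id = 1;DELETE FROM users`. Suggest rewording to "This will set `$_GET['id']` to `1;DELETE FROM users`, so the query sent to the database becomes `SELECT name FROM users WHERE id = 1;DELETE FROM users`". Also, "sanitize the ID input using PDO bound parameters" (kept from the old text) is slightly misleading: bound parameters do not sanitize the value, they send it separately from the SQL text so it can never be parsed as part of the statement; "pass the ID as a PDO bound parameter" would be more accurate for the newer developers this commit is aimed at.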