Asked By
Tillis
0 points
N/A
Posted on - 07/22/2011
Hello everybody, I have a url:http:\localhost coba index.php?menu=display, and I am confused that after SQL injection, how to put this URL in order. When an apostrophe i.e. ' is added at the end of above link, a warning will appear.
‘ERROR MESSAGE’
Warning: include (display '. php) [function.include]: failed to open stream:
No such file or directory in C: AppServ www try index.php on line 104
Warning: include () [function.include]:
Failed opening 'display '. Php'for inclusion
(include_path ='.; C: php5 pear ')
in C: index.php on line 104
Please help to solve this problem. Thanks in advance.
How to solve SQL injection
To prevent SQL injection, check and make sure that user input shall be correct.
Â
-
You shall never log on as database owner or superuser and try to connect to database as customized user so that the privileges should be very limited.
-
Then you shall examine that data type of given input is correct. Input validating functions of PHP could be very different. For example, those found in Character Type Functions and in Variable Functions i.e. ctype_digit() , is_numeric() respectively are the simplest functions while Perl Compatible Regular Expressions PCRE are one of the most complicated one.
-
If the numerical input is expected, you shall use the numeric representation of sprintf(), or settype() to change type silently and also verify the data using is_numeric().
-
You shall use the function of database-specific string escape e.g. sqlite_escape_string(), mysql_real_escape_string() etc. To count the supplied value of every non-numeric user which value would forward to database. If above mechanism of string escape cannot be used, then str_replace() functions and addslashes() might be the other practical tools subject to type of database. As per first example shows that it is not enough to add quotes to query of static part which the adding would make the query vulnerable.
-
The specific database information, especially the schema, shall not be printed out. Check logging function, error handling and error reporting.
-
The cursors defined earlier and procedures stored could also be used to retrieve data access so that users do not need to access views or tables directly.
Lastly, mysql_real_escape_string function could be used and consequently the attempt of injection will be neutralized.
Answered By
Tillis
0 points
N/A
#85617
How to solve SQL injection
this is a very classy post. Your information rocks Rkjha.it.in and I need bookmarks this page..Thanks a lot