SQL Injection
SQL injection is a technique in which a malicious user injects SQL commands into an SQL statement via web page input.
Injected SQL commands can alter the SQL statement and compromise the security of a web application.
SQL Injection Based on 1=1 is Always True
Look at the example above, one more time.
Let’s say that the original purpose of the code was to create an SQL statement to select a user with a given user id.
If there is nothing to prevent a user from entering “wrong” input, the user can enter some “smart” input like this:
UserId:
How to protect
PHP functions
The function
<?php
// Blind SQL injection escape sequence: anti SQL-injection helper.
// Strips HTML tags, applies addslashes(), then backslash-escapes a fixed
// list of characters the author considers dangerous in an SQL statement.
// Note: in single-quoted PHP strings '\"' is a literal backslash followed
// by a double quote, so each replacement inserts a backslash before the character.
function anti_injection($input) {
    $clean = strip_tags(addslashes(trim($input)));
    $clean = str_replace('"', '\"', $clean);
    $clean = str_replace(';', '\;', $clean);
    $clean = str_replace('--', '\--', $clean);
    $clean = str_replace('+', '\+', $clean);
    $clean = str_replace('(', '\(', $clean);
    $clean = str_replace(')', '\)', $clean);
    $clean = str_replace('=', '\=', $clean);
    $clean = str_replace('>', '\>', $clean);
    $clean = str_replace('<', '\<', $clean);
    return $clean;
}
How to use
<?php
// Read the raw request parameter (empty string if absent, to avoid an undefined-index notice)
$id = $_GET['id'] ?? '';
// Pass it through the helper before it goes anywhere near an SQL statement
$id_clean = anti_injection($id);
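The following is an added example, not code from the original page: it shows the user-id lookup from the "1=1" section done both by string concatenation and with a PDO prepared statement, so the difference in behaviour can be seen on the same data. It assumes PHP with the pdo_sqlite extension; the Users table, its rows and the two inputs are constructed here for the demonstration. The escaping blacklist in anti_injection() above is not used: a prepared statement fixes the SQL text before the value is supplied, so the value can never change the statement's syntax, and a fixed list of characters to escape is not required.

```php
<?php
// Added example (not from the original page). Assumes the pdo_sqlite extension.
// The table, rows and inputs below are constructed sample data.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE Users (UserId INTEGER PRIMARY KEY, Name TEXT)');
$db->exec("INSERT INTO Users (UserId, Name) VALUES (105, 'alice'), (106, 'bob'), (107, 'carol')");

// Vulnerable form: the input is pasted into the SQL text, so any SQL syntax
// the input contains becomes part of the statement the database executes.
function findUserUnsafe(PDO $db, string $userId): array {
    $sql = "SELECT UserId, Name FROM Users WHERE UserId = " . $userId;
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: validate that the input is an integer, then bind it as a
// parameter of a prepared statement. The statement text is constant; the
// value is sent separately and is treated as data, never as SQL.
function findUserSafe(PDO $db, string $userId): array {
    $id = filter_var($userId, FILTER_VALIDATE_INT);
    if ($id === false) {
        // Not a user id at all; reject rather than try to "clean" it.
        return [];
    }
    $stmt = $db->prepare('SELECT UserId, Name FROM Users WHERE UserId = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: a normal id, and one carrying the "1=1" condition named
// in the section heading.
$normal = '105';
$smart  = '105 OR 1=1';

echo "unsafe, normal input:\n";
print_r(findUserUnsafe($db, $normal));
echo "unsafe, 1=1 input (the WHERE clause has been rewritten):\n";
print_r(findUserUnsafe($db, $smart));
echo "safe, normal input:\n";
print_r(findUserSafe($db, $normal));
echo "safe, 1=1 input (rejected by validation, nothing reaches the database):\n";
print_r(findUserSafe($db, $smart));
```

Run it with `php` on the command line. With the concatenated query the constructed "1=1" input matches every row because the condition is always true, whereas the prepared-statement version returns only the requested user for the normal input and nothing for the constructed one, since a value that is not an integer is rejected before any query runs.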