PHP MySQL injection example?

2018-06-05 06:05:38

This question already has an answer here:

How can I prevent SQL injection in PHP? 28 answers

One of the most common examples is this query:

' or '1'='1

If you enter this as the username and password into some unsanitized login input the query changes like so:

Original: SELECT * FROM USERS WHERE USER='' AND PASS='';
Modified: SELECT * FROM USERS WHERE USER='' or '1'='1' AND PASS='' or '1'='1';

This causes each thing its looking for to be true, as 1 will always equal 1. Problem with this method is it does not allow the selection of a particular user. Doing so you need to make it ignore the AND statement by commenting it out as seen in other examples.

If the value of username is:

 $_POST['user'] = "1' OR 1 LIMIT 1; --";

Then the mysql query becomes:

select * 
from zend_adminlist 
where user_name = '1' OR 1 LIMIT 1; --' and password = '$pass'

链接地址: http://www.djcxy.com/p/16730.html

上一篇: 如何使用Prepared Statement和php插入到mysql中

下一篇: PHP的MySQL注入示例？