Page 1 of 1

A question about php security

Posted: Tue Mar 09, 2004 7:04 pm
by neal
I saw this in an online article:
" mysql_db_query ($DB, "SELECT something FROM table WHERE name=$username"); In this example, the user can use a semicolon in the input to end the current query and supply arbitrary commands to the database. The input ";drop db database" will expand to the query string "SELECT something FROM table WHERE name=;drop db database", which will result in an error (because the first part of the query is now invalid) followed by a successful drop of the entire database. "

This doesn't work on my computer (php4.3.1, mysql3.23, magic_quote_gpc=off). It just told me "you have an error in your sql syntax".
Can anybody tell me why?

Thanks

Posted: Wed Mar 10, 2004 12:34 am
by Steveo31
I think you have to make a whole new query and do-

Code: Select all

DROP DATABASE `dbName`;