mysql full text search, valid boolean + sql injection attack

Posted: Fri Mar 26, 2004 5:20 pm
by compound_eye
mysql has all these nice full text boolean search functions that i would like to use to allow users of my site to enter a boolean search of the kind:

'underwater base' and ('doctor octopus' or 'super monkey')

i figure someone must have gone before me in figuring out a way to check the syntax of a boolean search.

And because this is allowing users to create a string which will be included in an sql statement, it's opening the door a little wider than normal to an sql injection attack.
i don't just want to ban people from searching on the words 'select', 'delete' and 'insert'. does anyone have a more sophisticated approach to dealing with this?

can anyone point me in the right direction?

cheers

mathew

Posted: Mon Mar 29, 2004 1:00 pm
by lostboy
mysql_real_escape_string()
regex pattern matching (i.e. looking for "drop database", "delete *")
double up on single quotes
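One way to act on the advice above without keyword blacklists, as an added example in Python that is not code from this thread: accept only a small whitelisted grammar (quoted phrases, words, and/or, parentheses, i.e. exactly the syntax in the first post), rebuild the MySQL boolean-mode string from the parsed tree rather than from the raw input, and hand it to the driver as a bound parameter. It assumes a table `articles` with a FULLTEXT index on `(title, body)` and a DB-API driver that uses `%s` placeholders; both are assumptions for the example.

```python
import re
# Whitelist tokenizer for the syntax in the post: 'quoted phrase', bare words, and/or,
# parentheses. Any other character (", +, -, *, <, >, ~, @, ;, \ ...) is rejected.
TOKEN_RE = re.compile(r"'( *\w+(?: +\w+)* *)'|([()])|(\w+)|\s+|(\S)", re.ASCII)

def tokenize(query):
    tokens = []
    for phrase, paren, word, bad in TOKEN_RE.findall(query):
        if bad:
            raise ValueError("character %r is not allowed" % bad)
        if paren or phrase or word:  # the remaining matches are whitespace
            kind = "PAREN" if paren else "KW" if word.lower() in ("and", "or") else "TERM"
            tokens.append((kind, paren or " ".join((phrase or word).lower().split())))
    return tokens

def parse(tokens):
    # expr := andx ('or' andx)*, andx := unit ('and' unit)*, unit := '(' expr ')' | TERM
    def chain(op, sub):
        parts = [sub()]
        while tokens and tokens[0] == ("KW", op):
            tokens.pop(0)
            parts.append(sub())
        return parts[0] if len(parts) == 1 else (op.upper(), parts)
    def expr():
        return chain("or", lambda: chain("and", unit))
    def unit():
        tok = tokens.pop(0) if tokens else (None, None)
        if tok == ("PAREN", "("):
            node = expr()
            if not tokens or tokens.pop(0) != ("PAREN", ")"):
                raise ValueError("missing closing parenthesis")
            return node
        if tok[0] == "TERM":
            return tok
        raise ValueError("expected a search term, got %r" % (tok[1],))
    tree = expr()
    if tokens:
        raise ValueError("unexpected %r after the expression" % (tokens[0][1],))
    return tree

def render(node, top=False):
    # MySQL boolean-mode text from the tree alone: +x for AND members, bare x for OR, "..." phrases
    kind, val = node
    if kind == "TERM":
        return '"%s"' % val if " " in val else val
    inner = " ".join(("+" if kind == "AND" else "") + render(c) for c in val)
    return inner if top else "(" + inner + ")"

SQL = "SELECT id, title FROM articles WHERE MATCH(title, body) AGAINST(%s IN BOOLEAN MODE)"
def build_query(user_input):  # (sql, params) for cursor.execute(); nothing is concatenated
    return SQL, (render(parse(tokenize(user_input)), top=True),)
```

Escaping alone would stop the quote from breaking out of the SQL string, but it still lets users type MySQL's own boolean operators (`+`, `-`, `*`, `<`, `>`, `~`, `@`) straight into AGAINST(); the whitelist grammar closes both doors at once. Anything that fails to parse raises ValueError and is never sent to the database.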

Posted: Tue Mar 30, 2004 8:21 pm
by compound_eye
thank you lost boy, i will explore your suggestion