hi all
I come from Indonesia, I'm sorry if I'm not english fluent
I was new in php
I want to ask, what this information can inject?
//login form
<div id="loginform">
<form method= "post" action="cheklogin.php" name="form1">
<label for="username"> Username:</label>
<input type="text" name="myusername" id="username" />
<label for="password"> Password:</label>
<input type="password" name="mypassword" id="password" />
<input type="submit" name="submit" value="login" />
</form>
//cheklogin.php
<?
$host = "localhost";
$username= "root";
$password= "";
$db_name = "mydb";
$tbl_name ="admin";
mysql_connect ($host, $username, $password) or ("can't connect");
mysql_select_db ($db_name) or die (mysql_error());
$myusername= $_POST['myusername'];
$password= $_POST['mypassword'];
$sql = "select * from $tbl_name where username='$myusername' and password='$mypassword' ";
$result = mysql_query ($sql);
$count = mysql_num_rows ($result);
if ($count==1) {
session_register("myusername");
session_register("mypassword");
header ("location:login_success.php");
}
else {
echo "wrong password";
}
?>
inject how to prevent?
and how to inject login above?
please help me, I was confused when someone break my website
I want to know how he broke my website
Sql injection
Moderator: General Moderators
Re: Sql injection
Yes SQL injection is possible in your code, to avoid this use sprintf().
Refer : http://in.php.net/manual/en/function.sprintf.php
Refer : http://in.php.net/manual/en/function.sprintf.php
Re: Sql injection
how he did inject it?
assuming he has the source code of my web.
I have tried to inject my website, but still failed.
assuming he has the source code of my web.
I have tried to inject my website, but still failed.
Re: Sql injection
You need to use mysql_real_escape_string() on your POST values:
http://php.net/manual/en/function.mysql ... string.php
For example:
He doesn't need the source code, trial and error with different injections. He could have typed:
password' OR '1=1
As the password or username, or similar, because you do not escape any input before you send the query.
Your code doesn't seem to validate ANY input from the user at all.
http://php.net/manual/en/function.mysql ... string.php
For example:
Code: Select all
$username = mysql_real_escape_string($_POST['username']);password' OR '1=1
As the password or username, or similar, because you do not escape any input before you send the query.
Your code doesn't seem to validate ANY input from the user at all.
Re: Sql injection
whether the vesi php 5 can inject information
sorry if my reply many questions
thanks for all the air to help ..
sorry if my reply many questions
thanks for all the air to help ..
-
echelon2010
- Forum Newbie
- Posts: 8
- Joined: Thu Mar 04, 2010 2:56 pm
Re: Sql injection
I suggest you to upgrade to latest sql version which will minimize the sql injection and also stop sql bypass