perform SQL injection and patch it
$sql="SELECT * FROM Reg_Stud WHERE Username='$var1' AND RegID=$var2 "开发者_如何学编程;
this is the code...
i tried the input
Username =anything' OR 'x'='x
ID =12 or 1=1
no sign of sql injection...but when i just give the 1st argument and end it by commenting the rest...it gives sql error i.e anything' OR 'x'='x;--
perform SQL injection and patch it
You can use SQL Inject Me Firefox addon which has huge number of patterns it tests with :)
SQL Injection vulnerabilites can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. SQL Inject-Me is Firefox Extension used to test for SQL Injection vulnerabilities
To be on the safe side, you should use Prepared statements.
You have following conditions: Username==anything OR x=x AND RegID=12
, in boolean:
false OR true AND false
. Apparently MySQL evaluates this entire expression as false ((false OR true) AND false
).
What happens if you set the username to x' or 1=1--
精彩评论