Home page logo

basics logo Security Basics mailing list archives

AW: magic_quotes
From: "Michael Kluge" <michael.kluge () wundermedia de>
Date: Mon, 20 Jun 2005 17:31:22 +0200


This is very unsafe! Imagine this case:
$DATA->id is "' OR (any_where_clause) OR id='"

So your SQL-Statement will be:
SELECT * FROM whatever WHERE id = '' OR (any_where_clause) OR id=''

So anybody can manipulate your SQL-Statment to return unwanted rows from your table.

This is an SQL injection vulnarability.

Better use something like mysql_escape_string().



Hi everybody

I been coding for the last couple of days with PHP+MySQL and I've been
relaying A LOT in magic_quotes. I am wondering if it's (at 
least for the
moment) a safe thing to do. For example, consider the following code

$GDATA = (object) $_GET;
$PDATA = (object) $_POST;

else        $DATA = $PDATA;

$q = mysql_query ("SELECT * FROM whatever WHERE id = '$DATA->id'");

How safe is this?

I would appreciate hints & thoughts (TM)

Pablo Fernandez

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]