Revision comparison of en:entwickler:sql-injektion: 2015/11/04 23:22 (created, thomas-rcv) against 2016/12/03 15:13 (current, typos, ximex). The text below follows the current revision.
Now I substitute the contents of the variable into the statement:

SELECT COUNT(*) FROM adm_users WHERE usr_loginname = 'fasse' --' AND usr_password = ' '

With the apostrophe directly after "fasse" I close the string literal in the SQL statement, and the two dashes turn everything after it into a comment. The statement therefore returns COUNT = 1 and supposedly finds valid login data, although I never entered a valid password.
In PHP there is the setting magic_quotes_gpc, which is enabled by default in XAMPP. It puts a backslash before every quotation mark in all request variables ($_POST, $_GET, ...). If this setting is not enabled, Admidio has done this itself since version 1.5 using the function addslashes(). A call to the prepareSQL function is therefore no longer necessary, and that function will soon be removed.
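As an added example (not part of the wiki page and not Admidio's code), the login check above is run against a constructed in-memory SQLite table in Python, once with the statement built by string concatenation as on this page and once as a parameterized query; the table and column names follow the page, the row contents ("fasse", "secret") are placeholders.

```python
import sqlite3


def make_db():
    # Constructed stand-in for the adm_users table from the page;
    # the row is a placeholder, not real Admidio data.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE adm_users (usr_loginname TEXT, usr_password TEXT)")
    conn.execute("INSERT INTO adm_users VALUES ('fasse', 'secret')")
    return conn


def count_unsafe(conn, login, password):
    # The pattern the page describes: request input pasted straight into the
    # statement text. A quote in `login` ends the string literal early and
    # "--" turns the rest of the line into a comment.
    sql = ("SELECT COUNT(*) FROM adm_users WHERE usr_loginname = '"
           + login + "' AND usr_password = '" + password + "'")
    return conn.execute(sql).fetchone()[0]


def count_safe(conn, login, password):
    # Parameterized query: the driver passes the values separately from the
    # statement text, so quotes and "--" in the input are plain characters
    # and can never end the literal or start a comment.
    sql = ("SELECT COUNT(*) FROM adm_users "
           "WHERE usr_loginname = ? AND usr_password = ?")
    return conn.execute(sql, (login, password)).fetchone()[0]


def demo():
    conn = make_db()
    injected = "fasse' --"   # the login value from the page, password left empty
    return {
        "unsafe_injected": count_unsafe(conn, injected, ""),  # 1: login "succeeds"
        "safe_injected": count_safe(conn, injected, ""),      # 0: no such user
        "safe_valid": count_safe(conn, "fasse", "secret"),    # 1: real credentials
        "safe_wrong": count_safe(conn, "fasse", "wrong"),     # 0: wrong password
    }


if __name__ == "__main__":
    for name, count in demo().items():
        print(name, count)
```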