Always do the SQL authorization as follows:
<?php
mysql_query("SELECT username FROM auth_table WHERE passwd='$password' AND username='$username'");
?>
AND NOT as
<?php
mysql_query("SELECT username FROM auth_table WHERE username='$username' AND passwd='$password'");
?>
as $username can be specified in the text box as
$username = "abc'#";
If specified in the text box like this, the query will become
<?php
mysql_query("SELECT username FROM auth_table WHERE username='abc'#' AND passwd='$password'");
?>
In this case # will comment out the rest of the query, and it will become
<?php
mysql_query("SELECT username FROM auth_table WHERE username = 'abc'");
?>
and this will work and the user can hack the site.
When we write the query in PHP as
<?php
mysql_query("SELECT username FROM auth_table WHERE passwd='$password' AND username='$username'");
?>
then the query will become
<?php
mysql_query("SELECT username FROM auth_table WHERE passwd='somepass'#' AND username='$username'");
?>
You have to specify the whole password, and even if # is put after the password, the username is not required. This will be OK, as we give more importance to the password, and the usernames of others can be known by anyone, so the username is not so important.
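The two clause orders from the post, run against a constructed in-memory auth_table next to a version that binds the inputs as parameters; this is an added example, not the poster's code. It uses Python's sqlite3 as a stand-in for MySQL, and because SQLite has no # comment syntax, the mysql_view() helper emulates MySQL's rule that # outside a quoted string comments out the rest of the line (table and column names are the post's; the row and inputs are constructed).

```python
import sqlite3

# Added example, not the original post's code. SQLite stands in for MySQL; since
# SQLite has no '#' comments, mysql_view() emulates MySQL's '#'-to-end-of-line rule.

def mysql_view(sql: str) -> str:
    """Statement as MySQL's lexer sees it. Models only single-quoted literals
    with '' escaping (what the post's queries use); backslash escapes are not."""
    out, in_str, i = [], False, 0
    while i < len(sql):
        ch = sql[i]
        if in_str:
            if ch == "'" and sql[i + 1:i + 2] == "'":  # '' inside a literal
                out.append("''")
                i += 2
                continue
            if ch == "'":
                in_str = False
        elif ch == "'":
            in_str = True
        elif ch == "#":  # comment runs to end of line
            nl = sql.find("\n", i)
            i = len(sql) if nl == -1 else nl
            continue
        out.append(ch)
        i += 1
    return "".join(out)

def interpolated_sql(username, password, password_first):
    """Build the query exactly as the post's string interpolation does."""
    if password_first:
        return f"SELECT username FROM auth_table WHERE passwd='{password}' AND username='{username}'"
    return f"SELECT username FROM auth_table WHERE username='{username}' AND passwd='{password}'"

def login_interpolated(conn, username, password, password_first):
    sql = mysql_view(interpolated_sql(username, password, password_first))
    return conn.execute(sql).fetchone() is not None

def login_parameterised(conn, username, password):
    # Bound values are never parsed as SQL, so "abc'#" must literally equal a username.
    sql = "SELECT username FROM auth_table WHERE username=? AND passwd=?"
    return conn.execute(sql, (username, password)).fetchone() is not None

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE auth_table(username TEXT, passwd TEXT)")
    conn.execute("INSERT INTO auth_table VALUES ('abc', 'correct horse')")  # constructed row
    return conn
```

With bound parameters the result no longer depends on which clause comes first, since the database never parses the user's input as part of the statement.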
Fred Schenk wrote (910):
Don't allow a single quote to go into your queries. For MSSQL and ASP I always use
newstring = Replace(string, "'", "''")
Allowing a single quote will make you vulnerable to SQL Injection (like "fred'; DROP DATABASE", to name the least).
Peter Cole wrote (911):
Why not limit the text input within the HTML tag by putting a size attribute in the code... then use the all-purpose htmlspecialchars on the posted variable....
Keep it simple!!
Ray Cauchi wrote (912):
Validate all form data, especially for login screens....
Neither username nor password should ever (in my opinion) contain anything other than alphanumeric characters in the first place....
Interesting solution though...