Re: Is this a security issue — PHP Programming Language

You are here: Re: Is this a security issue « PHP Programming Language « IT news, forums, messages

Posted by Chung Leong on 08/22/06 18:08

Ignoramus20689 wrote:
> I am not a PHP expert (I do mod_perl), but it would seem that this
> code is likely to be a good candidate for SQL injection attack. Is
> that the case? If so, I would write to them.

That's a definitely a SQL injection vulnerability, as the code is
written for PHP3, where there is no register_globals option (i.e. it's
always on). Whether it can be exploited is another matter. I don't
think you can execute multiple statement through mysql_query().

Navigation:

Next in forum: Re: PHP and Regex
Prev in forum: Re: How do I set Session Variables
Thread view: Re: Is this a security issue

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация