Posted by Paul Furman on 03/22/06 23:52

How to I clean up SQL hacking such as this:
/?PAGE=mycode.php&filter_in_url=%27+and+%27a%27%3D%27b%27+UNION+ALL+SELECT+my_table%2C+my_table%2C+my_field%2C+<snip>+FROM+another_table+%23
I've got 'filter_in_url' that searches & limits the display but got
hacked with something like the above line. I just want a couple words
but not huge long malicious type stuff obviously. I will sometimes need
to have quotes in the filter string (%27) although now that I check this
doesn't currently work but I guess that's a separate issue. I'm not even
sure what the %2C or %23 are doing. I suppose I could truncate the
filter to a couple dozen characters, there probably isn't much that
could be done in the length that I need.

My current approach is to str_replace 'JOIN' 'DROP' etc. This is not a
high security web page, really boring stuff, just some hacker got bored
& decided to pick on it for fun.

Thanks

• Next in forum: Re: fyi - combination of outlook and php - create stationery for MS outlook using PHP engine ;-)
• Prev in forum: Re: Can I use an either/or query?
• Thread view: mySQL security

[Reply to this message]