Posted by lawrence k on 04/13/06 09:28

Okay, I just backed up my database, just in case.

The whole schema for the database is here:

http://www.accumulist.com/index.php?whatPage=db.php

You can run any SELECT query against this database that you want, and
send it as a GET request. This would be an example:

http://www.accumulist.com/output.php?whatPage=showSqlQuery&sql=select%20id,%20headline,%20tagCloud.private%20from%20tagCloud


The function that returns this checks to query to see if it contains
the words ALTER, DROP, EMPTY, GRANT, UPDATE, INSERT, and a bunch of
others. It calls die() if it sees any of those words.

For obvious reasons, I'm trepidatious about exposing the database to
this degree. What are some of the obvious, and not so obvious, attacks
that I shoudl expect and defend against?

• Next in forum: Re: Passing variables
• Prev in forum: Re: REGEX: can't seem to replace LIMIT clause in query using preg_replace ($pattern, $replacement, $query)
• Thread view: if I allow anyone on the web to run SQL queries against my database, what are the obvious attacks hackers will try?

[Reply to this message]