Posted by Richard Levasseur on 08/23/06 07:20
Chung Leong wrote:
> Ignoramus20689 wrote:
> > I am not a PHP expert (I do mod_perl), but it would seem that this
> > code is likely to be a good candidate for SQL injection attack. Is
> > that the case? If so, I would write to them.
>
> That's definitely a SQL injection vulnerability, as the code is
> written for PHP3, where there is no register_globals option (i.e. it's
> always on). Whether it can be exploited is another matter. I don't
> think you can execute multiple statements through mysql_query().

IIRC, you can in some obscure way, but I forget. I think it was later
fixed in a later release of MySQL.
With the code, though, you could easily make the password line be
password='' or '1'='1', thus being able to log in as anyone (a parent
post pointed this out as well).
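Added example, not part of the original post or thread: the string-built login check discussed above next to a parameterized one. It uses Python's sqlite3 as a stand-in for PHP's mysql_query() and MySQL; the table, the function names and the sample inputs are constructed for illustration. Like mysql_query(), sqlite3's execute() accepts only one statement per call, which shows that this limit does not stop the `'1'='1'` condition from matching every row.

```python
import sqlite3

def make_db():
    # Constructed sample data; plaintext password only to keep the example short.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    return db

def login_concat(db, name, password):
    # Pattern under discussion: request values pasted into the SQL text.
    sql = ("SELECT name FROM users WHERE name='" + name +
           "' AND password='" + password + "'")
    try:
        return db.execute(sql).fetchone() is not None
    except (sqlite3.Warning, sqlite3.Error):
        # The single-statement API refused the text (stacked statement
        # or syntax error); nothing was executed.
        return False

def login_param(db, name, password):
    # Hardened form: values are bound as data and never parsed as SQL.
    sql = "SELECT name FROM users WHERE name=? AND password=?"
    return db.execute(sql, (name, password)).fetchone() is not None

def user_count(db):
    return db.execute("SELECT COUNT(*) FROM users").fetchone()[0]

if __name__ == "__main__":
    db = make_db()
    tautology = "' or '1'='1"             # value quoted in the post
    stacked = "x'; DELETE FROM users; --"  # constructed second statement
    for label, pw in [("correct", "correct-horse"), ("wrong", "wrong"),
                      ("tautology", tautology), ("stacked", stacked)]:
        print(f"{label:10} concat={login_concat(db, 'alice', pw)!s:5} "
              f"param={login_param(db, 'alice', pw)}")
    print("rows still in table:", user_count(db))
```

AND binds tighter than OR, so the concatenated WHERE clause reads as (name AND password) OR '1'='1'; the bound version compares the whole input against the stored password as a literal string.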