Community
Learn
Tools Library
AI Tools
Leisure
search
English
Home > Backend Development > PHP Tutorial > How to do database attacks in php (such as SQL injection)_PHP tutorial

How to do database attacks in php (such as SQL injection)_PHP tutorial

WBOY
Release: 2016-07-13 10:37:30
Original
926 people have browsed it

PHP mysql_real_escape_string() function

PHP MySQL functions

Definition and usage

The mysql_real_escape_string() function escapes special characters in strings used in SQL statements.

The following characters are affected:

x00nr'"x1a

If successful, the function returns the escaped string. If failed, returns false.

Grammar

mysql_real_escape_string(string,connection)
Copy after login
参数 描述
string 必需。规定要转义的字符串。
connection 可选。规定 MySQL 连接。如果未规定,则使用上一个连接。

Description

This function escapes special characters in string and takes into account the current character set of the connection, so it is safe to use mysql_query().

Tips and Notes

Tip: You can use this function to prevent database attacks.

Example

Example 1

<?php
$con = mysql_connect("localhost", "hello", "321");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

// 获得用户名和密码的代码

// 转义用户名和密码,以便在 SQL 中使用
$user = <code>mysql_real_escape_string($user)</code>;
$pwd = <code>mysql_real_escape_string($pwd)</code>;

$sql = "SELECT * FROM users WHERE
user='" . $user . "' AND password='" . $pwd . "'"

// 更多代码

mysql_close($con);
?>
Copy after login

Example 2

Database attack. This example shows what happens if we don't apply the mysql_real_escape_string() function to the username and password: 

<?php
$con = mysql_connect("localhost", "hello", "321");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

$sql = "SELECT * FROM users
WHERE user='{$_POST['user']}'
AND password='{$_POST['pwd']}'";
mysql_query($sql);

// 不检查用户名和密码
// 可以是用户输入的任何内容,比如:
$_POST['user'] = 'john';
$_POST['pwd'] = "' OR ''='";

// 一些代码...

mysql_close($con);
?>
Copy after login

Then the SQL query will look like this:

SELECT * FROM users
WHERE user='john' AND password='' OR ''=''
Copy after login

This means that any user can log in without entering a valid password.

Example 3

Correct ways to prevent database attacks: 

<?php
function check_input($value)
{
// 去除斜杠
if (get_magic_quotes_gpc())
  {
  $value = <code>stripslashes($value)</code>;
  }
// 如果不是数字则加引号
if (!is_numeric($value))
  {
  $value = "'" . <code>mysql_real_escape_string($value)</code> . "'";
  }
return $value;
}

$con = mysql_connect("localhost", "hello", "321");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

// 进行安全的 SQL
$user = check_input($_POST['user']);
$pwd = check_input($_POST['pwd']);
$sql = "SELECT * FROM users WHERE
user=$user AND password=$pwd";

mysql_query($sql);

mysql_close($con);
?>
Copy after login

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/735865.htmlTechArticlePHP mysql_real_escape_string() function PHP MySQL function definition and usage mysql_real_escape_string() function escapes the string used in SQL statements special characters in . The following characters are affected...
Related labels:
php
source:php.cn
Previous article:Introduction and usage examples of filesystem file system functions in php_PHP tutorial Next article:Introduction and usage examples of url function in php_PHP tutorial
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
PHP arrays obtained from URL parameters do not behave as expected I have a URL parameter that contains the category ID and I want to treat it as an array li...
From 2024-04-06 22:09:02
0
1
1428
Where should I place CustomLog directive in apache I'm using php:7.2-apachedocker. I need to disable health check url login access log. Based...
From 2024-04-06 22:03:59
0
1
990
What is the format of the variables in the return value? I am a new learner of php. I found a piece of code: if($x<time()){return[false,'error']...
From 2024-04-06 21:55:20
0
1
778
Problems encountered when using opentbs to generate odt files: values ​​of the same key are displayed in the same row instead of separate columns. I'm using a library called OpenTbs to create odt using PHP, I'm using it because columns a...
From 2024-04-06 20:18:18
0
1
483
Group MySQL results by ID for looping over I have a table with flight data in mysql. I'm writing a php code that will group and displ...
From 2024-04-06 17:27:56
0
1
406
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template