
Rob Allen, Nick Lo, and Steven Brown

"Zend Framework in Action"

The manual is particularly good at describing all these functions, so let's move on and consider security.
2.6.4 Security issues with databases
The most common type of database security problem is known as an SQL injection security breach. These
occur when your user is able to trick your code into running a database query that you didn't intend to happen.
Consider this code:
$result = $db->query("SELECT * FROM users
WHERE name='" . $_POST['name'] . "'");
This typical code might be used to authorize a user after they have submitted a login form. The coder has
ensured that the correct superglobal, $_POST, is used, but hasn't checked what it contains. Suppose that
$_POST['name'] contains the string "' OR 1 OR name = '" (single quote, followed by "OR 1 OR
name=", followed by another single quote). This would result in the perfectly legal SQL statement of:
SELECT * from users where name='' OR 1 OR name= ''
As you can see, the OR 1 in the SQL statement will result in all the users being returned from the
database table. With SQL injection vulnerabilities like this, it can be possible to retrieve username and
password information or to maliciously delete database rows causing your application to stop working.
As should be obvious, the way to avoid SQL injection attacks is to ensure that the data that you are putting
into the SQL statement has been escaped using the correct functionality for your database.
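The following is an added example, not code from the book: it runs the vulnerable concatenated query above against a throwaway SQLite table, then the same lookup with the value escaped by Zend_Db's quoteInto() and with a bound parameter (the form to prefer, since the value never becomes part of the SQL text). It assumes Zend Framework 1 is on the include_path and that PHP's PDO SQLite extension is available.

```php
<?php
// Added example (not from the book). Assumes Zend Framework 1 on the
// include_path and the pdo_sqlite extension; the table and rows are constructed here.
require_once 'Zend/Db.php';

$db = Zend_Db::factory('Pdo_Sqlite', array('dbname' => ':memory:'));
$db->query("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT)");
$db->insert('users', array('name' => 'alice', 'password' => 'hash-a'));
$db->insert('users', array('name' => 'bob',   'password' => 'hash-b'));

// Constructed input: the exact string the text uses to demonstrate the problem.
$name = "' OR 1 OR name = '";

// 1. Vulnerable: string concatenation, as on the page. The quote inside $name
//    closes the literal, and "OR 1" makes the WHERE clause always true.
$unsafe = "SELECT * FROM users WHERE name='" . $name . "'";
$rows = $db->fetchAll($unsafe);
printf("unsafe query:  %s\nrows returned: %d (every user)\n\n", $unsafe, count($rows));

// 2. Escaped: quoteInto() replaces ? with the value quoted for this adapter, so
//    the embedded single quote is doubled and stays inside the string literal.
$escaped = $db->quoteInto("SELECT * FROM users WHERE name = ?", $name);
$rows = $db->fetchAll($escaped);
printf("escaped query: %s\nrows returned: %d\n\n", $escaped, count($rows));

// 3. Bound parameter: the value is sent separately from the SQL text, so no
//    escaping rules have to be got right by hand.
$rows = $db->fetchAll("SELECT * FROM users WHERE name = ?", array($name));
printf("bound query rows returned: %d\n", count($rows));

// A legitimate login still works with the safe forms.
$rows = $db->fetchAll("SELECT * FROM users WHERE name = ?", array('alice'));
printf("lookup for alice: %d row(s)\n", count($rows));
```

The first query returns both rows, the escaped and bound forms return none for the injected string and one row for "alice".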

