Ethical Hacking - Web Penetration Testing (11)
SQL INJECTION
Preventing SQLi
- Filters can be bypassed.
- Use a blacklist of commands? Still can be bypassed.
- Use a whitelist? Same issue.
-> Use parameterized statements: keep the data separate from the SQL code, so user input is never parsed as part of the query.
<?php
// Sample input from the text: the single quote closes the string literal, and everything
// after it is read by the database as SQL.
$textbox1 = "admin' union select #";

// Bad Sample: the input is pasted straight into the query text.
// Resulting SQL: Select * from accounts where username = 'admin' union select #'
$bad = "Select * from accounts where username = '$textbox1'";

// Safe: the query text is fixed and the input is bound as data with a placeholder.
// The database compares the whole string "admin' union select #" as a username;
// it is never parsed as SQL.
// $pdo is assumed to be an existing PDO connection to the database holding `accounts`.
$stmt = $pdo->prepare("Select * from accounts where username = ?");
$stmt->execute(array($textbox1));
$rows = $stmt->fetchAll();
?>
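The same contrast as the PHP/PDO snippet above, written as an added runnable example (not code from the original notes) in Python against an in-memory SQLite database, so the behaviour can be checked offline. The `accounts` table, its two rows and the `lookup_*` function names are constructed for this demonstration; the payload is the one used in the notes. With string concatenation the payload changes the SQL grammar (SQLite reports a syntax error, proving the input was parsed as SQL), and a tautology input returns every row; with a bound parameter the same strings are compared literally as usernames and match nothing.

```python
import sqlite3


def make_db():
    """Constructed sample data standing in for the notes' `accounts` table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("admin", "s3cret"), ("alice", "hunter2")],
    )
    return conn


def lookup_vulnerable(conn, textbox1):
    # BAD: the input is pasted into the query text, so a quote in it
    # closes the literal and the rest is parsed as SQL.
    sql = f"SELECT * FROM accounts WHERE username = '{textbox1}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, textbox1):
    # GOOD: the SQL text is fixed; the driver sends the input as a bound
    # value that can only ever be compared as a username.
    sql = "SELECT * FROM accounts WHERE username = ?"
    return conn.execute(sql, (textbox1,)).fetchall()


def demo():
    """Run both lookups over normal and hostile input and collect the outcomes."""
    conn = make_db()
    results = {}

    # Ordinary input behaves the same either way.
    results["normal_vuln"] = lookup_vulnerable(conn, "admin")
    results["normal_safe"] = lookup_safe(conn, "admin")

    # The payload from the notes.
    payload = "admin' union select #"
    try:
        # Concatenated: the query becomes
        #   SELECT * FROM accounts WHERE username = 'admin' union select #'
        # SQLite cannot parse it, which shows the input reached the SQL parser.
        results["payload_vuln"] = lookup_vulnerable(conn, payload)
    except sqlite3.OperationalError as exc:
        results["payload_vuln"] = f"syntax error: {exc}"
    # Bound: the whole string is compared as a username; nothing matches.
    results["payload_safe"] = lookup_safe(conn, payload)

    # A tautology shows the actual data-exposure risk of concatenation.
    tautology = "x' OR '1'='1"
    results["tautology_vuln"] = lookup_vulnerable(conn, tautology)  # every row
    results["tautology_safe"] = lookup_safe(conn, tautology)        # no rows
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The point to take away is in `lookup_safe`: the query string contains no user data at all, so there is nothing for a filter or blacklist to get wrong. The same applies to any driver that supports placeholders (PDO, JDBC, psycopg, database/sql), and it is the reason the notes prefer parameterized statements over input filtering.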
Believe in the future - never run from what must be faced, never regret what must be pursued, do not linger over what must be let go, and hold tight to what must be cherished.