1. Article Realm.com Free Article Directory
  2. Reference & Education
  3. Philosophy
  4. What is SQL Injection and how to fix it

What is SQL Injection and how to fix it

by bootsity on Jun 4, 2019 Philosophy 843 Views

1. Introduction

In this article, we learn about SQL injection security vulnerability in web application. We see an example of SQL Injection, learn in in-depth how it works, and see how we can fix this vulnerability. We use PHP and MySQL for the examples. The SQL injection is the top exploit used by hackers and is one of the top attacks enlisted by the OWASP community.

2. What is SQL Injection

SQL Injection is a attack mostly performed on web applications. In SQL Injection, attacker injects portion of malicious SQL through some input interfaces like web forms. These injected statements goes to the database server behind a web application and may do unwanted actions like providing access to unauthorised person or deleting or reading sensitive information.
The SQL Injection vulnerability may affect any application powered by database supporting SQL like Oracle, MySQL and others.
SQL Injection attacks are one of the widest used, oldest, and very dangerous application vulnerabilities. The OWASP organization (Open Web Application Security Project) lists SQL Injections in their OWASP Top 10 document as the top threat to web application security.

3. Example of SQL Injection

Let’s create a form in HTML:

  1. <!DOCTYPE html>
  2. <html>
  3. <body>
  4. <h2>SQL injection in web applications</h2>
  5. <form action="/form-handler.php">
  6. Username:<br>
  7. <input type="text" name="username" value="">
  8. <br>
  9. Password:<br>
  10. <input type="password" name="password" value="">
  11. <br><br>
  12. <input type="submit" value="Submit">
  13. </form>
  14. </body>
  15. </html>

When we click on submit, the form above submits to below PHP script:

  1. <?php
  2.  
  3. mysql_connect('localhost', 'root', 'root');
  4. mysql_select_db('bootsity');
  5.  
  6. $username = $_POST["username"];
  7. $password = $_POST["password"];
  8. $query = "SELECT * FROM Users WHERE username = " . $username . " AND password =" . $password;
  9.  
  10. $re = mysql_query($query);
  11.  
  12. if (mysql_num_rows($re) == 0) {
  13. echo 'Not Logged In';
  14. } else {
  15. echo 'Logged In';
  16. }
  17. ?>

4. How SQL Injection works

In the above example, assume that the user fills up the form as below:

  1. Username: ' or '1'='1
  2. Password: ' or '1'='1

Now our $query becomes:

SELECT * FROM Users WHERE username='' or '1'='1' AND password='' or '1'='1';

This query always returns some rows and results in printing Logged In on the browser. So, here the attacker doesn’t know any username or password that are register in the database, but the attacker is still able to log in.

5. Fixing SQL Injection

Now we understand how SQL injection works in PHP. Generally, the best solution is to use prepared statements and parameterized queries. When we use prepared statements and parameterized queries, the SQL statements are parsed separately by the database engine. Let us see these approaches below:

5.1 Using PDO

We can change our form-handler.php to use PDO:

  1. <?php
  2.  
  3. $dsn = "mysql:host=localhost;dbname=bootsity";
  4. $user = "root";
  5. $passwd = "root";
  6.  
  7. $pdo = new PDO($dsn, $user, $passwd);
  8.  
  9. $username = $_POST["username"];
  10. $password = $_POST["password"];
  11.  
  12. $stmt = $pdo->prepare('SELECT * FROM Users WHERE username = :username AND password = :password');
  13.  
  14. $stmt->bindParam(':username', $username);
  15. $stmt->bindParam(':password', $password);
  16.  
  17. $stmt->execute();
  18.  
  19. if (count($stmt) == 0) {
  20. echo 'Not Logged In';
  21. } else {
  22. echo 'Logged In';
  23. }
  24.  
  25. https://article-realm.com/article/Reference-Education/Philosophy/2509-What-is-SQL-Injection-and-how-to-fix-it.html

URL

https://bootsity.com/php/what-is-sql-injection-and-how-to-fix-it
Tutorial article to describe SQL Injection vulnerability in web application with example in PHP and MySQL

Reviews

Guest

Overall Rating:

Comments

No comments have been left here yet. Be the first who will do it.
Safety

captchaPlease input letters you see on the image.
Click on image to redraw.

Most Recent Articles

Most Viewed Articles

More Author Articles

Popular Articles

The Latest Online Business

  In today’s competitive world, one must be knowledgeable about the latest online business that works effectively through seo services....

77367 Views

Familiarize The Process Of SEO

    Are you caught in between seo companies introduced by a friend, researched by you, or advertised by a particular site? If that is the...

32685 Views

Furious Walmart customers post videos of stores locking up African-American beauty products
Furious Walmart customers post videos of stores locking up African-American beauty products

Walmart is being sued by a customer alleging racial discrimination.  The customer who has filed a lawsuit against the retailer claims that it...

13703 Views

How to Start an Invention Idea

If you have an idea for a new product, you can start by performing a patent search. This will help you decide whether your idea could become the...

11085 Views

How to Download and Install Facebook Messenger on Firestick
How to Download and Install Facebook Messenger on Firestick

Facebook, the best and most used social app in the world, has all the social features you need. However, one feature is missing. You cannot chat...

9064 Views

Statistics

Members
Members: 15316
Publishing
Articles: 63,054
Categories: 202
Online
Active Users: 877
Members: 16
Guests: 861
Bots: 12337
Visits last 24h (live): 2062
Visits last 24h (bots): 25588
faraz pathan, Jenniferletty, freya lee, Panchmukhi Train Ambulance Services, shital thakare, Quick Assignment, Tuxedo Dental Group, Daniel John, advancreative, Dinesh Kumar, Helen Clark , Pie Gaming, Abrsoftech, Sarah Ferguson

Latest Comments

The Infinity Wallet extension is a game-changer in the world of digital wallets. Designed for both beginners and experienced users, it offers unmatched security and user-friendly features. If...
on Sep 13, 2024 about Ledger.com/start – How to withdraw from Binance to ledger?
amazing 
on Sep 13, 2024 about Hotels and resort in Gopalpur, Odisha
Very useful article! Helps me a lot! アマプラをスクショできます!
on Sep 13, 2024 about Wheat production in India: A major crop
I appreciate you giving such useful information. Your website is really awesome. The amount of information on your website is impressive. ( percetakan jakarta timur & percetakan rawamangun )
on Sep 12, 2024 about Learn the basic things of Indian rummy card game
GBWhatsApp has become a highly popular alternative to the original WhatsApp due to its extended functionalities and customization options. Many users prefer GB WhatsApp Pro for their unique...
on Sep 12, 2024 about Do You Know Your 6 Personal Content Marketing Gains?

Articles Archive

September 2024 August 2024 July 2024 June 2024 May 2024 April 2024

Recent Reviews

Sep 20, 2024  
Revision of my blogging for more information
Sep 19, 2024  
How To Stay Focused And Productive While Taking Online Classes
Sep 18, 2024  
How Can Law Assignment Help Service Make A Difference In Studies?
Sep 17, 2024  
Air Jordan 1 Mid
Sep 16, 2024  
Page Provan

Random Articles

Mobile AI Market growth & size, future innovations & forecast by 2028

on Jul 11, 2022

Athlete′s Foot Drugs Market Size, Share, Regional Analysis by 2030
Athlete′s Foot Drugs Market Size, Share, Regional Analysis by 2030

on May 2, 2023

Wound Dressings Market Analysis, Size, Current Scenario and Future Prospects

on Jun 9, 2023

E-commerce Sustainable Shipping Solutions
E-commerce Sustainable Shipping Solutions

on Dec 28, 2023

herbal medicine market MRFR Reveals Covid-19 Analysis for 2019-2025
herbal medicine market MRFR Reveals Covid-19 Analysis for 2019-2025

on Jun 13, 2021

Global Pneumonia Vaccine Market Size, Overview, Key Players and Forecast 2028.

on Jun 9, 2023