Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
P
P
Pavel2016-08-26 23:26:58
PHP
Pavel, 2016-08-26 23:26:58

Is SQL query vulnerable to SQL injection?

Does the \" escaping method secure the query from SQL injection or not?

if( $accounts = $this->mysqli->query("SELECT * FROM `".DB_DB."`.`staff` WHERE `login`=\"$login\"") )
      {
        $row_cnt = $accounts->num_rows;
        if( $row_cnt != NULL )
        {
          while($row = $accounts->fetch_assoc())
          {
            if( strcmp( $row['password'] , md5($pass) ) == 0)
            {
              $this->group = $row['group'];
              return true;
            }
            else
              return false;
          }
          $accounts->close();
        }
        else
          return false;
      }
      else
        return false;

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

6 answer(s)
Report
R
Rsa97, 2016-08-26
@Rsa97

No. Security is provided by prepared expressions with placeholders.

Report
A
Alexey Nikolaev, 2016-08-27
@Heian

No. You need to ensure that there are no request-breaking moments inside the quotes , i.e. in order to escape all quotes inside the quotes around the variable, you must also provide for the substitution of slashes. If this is done, the request will be safe without placeholders.

Report
S
SagePtr, 2016-08-27
@SagePtr

Depends on where the $login variable comes from and whether it is pre-processed somehow. If you want a guaranteed safe request, use placeholders. If for some reason you cannot use them, then escape all variables coming into the request from outside.

Report
I
index0h, 2016-08-27
@index0h

Is SQL query vulnerable to SQL injection?

Yes. Example
Only if you are escaping inline strings. Today this is done through placeholders.

Report
E
Erling, 2016-08-27
@Erling

Use prepared queries and get rid of many SQL injection questions at once. Look for more than 1 article (discussion) on prepared statements (MySQLi || PDO) and into battle.

Report
A
Anonymous Anonimov, 2019-01-15
@dmitry_meta

This particular request is vulnerable because of quotes.
I advise you to continue to check the site with sqlmap or other tools to find possible SQLi. Alternatively, you can do it online with pentest-tools or METASCAN .

Similar questions
G
GRO242019-08-30 15:23:29
Why doesn't Bootstrap 4 align blocks? 2Reply
M
Marty McFly2018-11-12 19:00:41
Where is the best place to study web design from 0 in St. Petersburg? 6Reply
S
sergeybogevolny2015-04-06 21:36:50
Is there an example of interaction between bootstrap wizard form and php? 2Reply
N
Nicholas Hephaestus2022-01-24 20:18:11
Why does the space bar and other keys not work in TeamViewer? 4Reply
M
Matvey Bubenets2017-04-20 04:38:37
How to disable Remote Desktop Licensing? 6Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question