What is a SQL injection attack?
Have any of your websites ever been a victim of a SQL injection attack? Well, one of my sites recently was so unfortunate and a lot of data was deleted from the database (Hooray for regular backups). So, I looked around for a couple of solutions on how to prevent this, and wrote the function below which you can call using PHP to remove harmful code from any value passed to the database.
Example:
Note how the single brackets are used on both sides of the SafeSqlLiteral function:
'" . SafeSqlLiteral($txtInput, 2) . "'

```php
// $txtInput holds the raw user input (for example a value read from $_POST)
$strQuery = "SELECT * FROM tablename WHERE name = '" . SafeSqlLiteral($txtInput, 2) . "'";
```

```php
function SafeSqlLiteral($theValue, $theLevel)
{
    // Written by user CWA, CoolWebAwards.com Forums. 21 February 2010
    // http://forum.coolwebawards.com/threads/95-SQL-injection-PHP
    // $theLevel represents how thoroughly the value will be checked for dangerous code
    // $theLevel (1) - Do just the basics. This level will already counter most of the SQL injection attacks
    // $theLevel (2) - &nbsp; (non-breaking space) will be added to most words used in SQL queries to prevent
    //                 unauthorized access to the database. Safe to be printed back into HTML code.
    //                 Don't use for usernames or passwords
    if ($theValue == null) {
        return $theValue;
    }

    if ($theLevel > 0) {
        // Most important one! This line alone can prevent most injection attacks.
        // Note: backslash escapes, which MySQL honours by default, are not handled here;
        // prepared statements avoid this whole class of problem.
        $theValue = str_replace("'", "''", $theValue);
        $theValue = str_replace("--", "", $theValue);   // strip the SQL line-comment marker
        $theValue = str_replace("[", "[[]", $theValue); // escape LIKE-pattern wildcards (SQL Server syntax)
        $theValue = str_replace("%", "[%]", $theValue);
    }

    if ($theLevel > 1) {
        // Each keyword is matched together with its trailing space, case-insensitively
        $keywords = array("xp_ ", "update ", "insert ", "select ", "drop ",
                          "alter ", "create ", "rename ", "delete ", "replace ");
        foreach ($keywords as $word) {
            $len    = strlen($word);
            $offset = 0;
            $i2     = 0; // accumulated length added by entities already inserted
            while ($offset + $len <= strlen($theValue)) {
                if (strtolower(substr($theValue, $offset + $i2, $len)) == $word) {
                    // Replace the keyword's trailing space with the six-character entity text
                    // "&nbsp;" (hence $i2 += 6) so the word no longer parses as a keyword
                    $theValue = substr($theValue, 0, $offset + $len + $i2 - 1)
                              . "&nbsp;"
                              . substr($theValue, $offset + $len + $i2);
                    $i2 += 6;
                }
                $offset += 1;
            }
        }
    }

    return $theValue;
}
```
CWA - CoolWebAwards.com
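As an added example (not part of CWA's post or the function above), the same `name` lookup built three ways in PHP: concatenated, escaped by the driver with PDO::quote(), and as a prepared statement. It uses a constructed in-memory SQLite table so it runs offline; the table name, rows and inputs are assumed for the demonstration.

```php
<?php
// Added example, not from the original post. For MySQL only the DSN changes
// ("mysql:host=...;dbname=..."); the PDO calls are the same.

function buildDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec("CREATE TABLE tablename (id INTEGER PRIMARY KEY, name TEXT)");
    // constructed sample rows; O'Brien contains a legitimate apostrophe
    $db->exec("INSERT INTO tablename (name) VALUES ('alice'), ('O''Brien'), ('carol')");
    return $db;
}

// 1. Vulnerable: user input concatenated into the SQL text, quotes and all.
function findByNameConcat(PDO $db, string $name): array {
    $sql = "SELECT * FROM tablename WHERE name = '" . $name . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// 2. Driver escaping: PDO::quote() wraps and escapes the value the way the
//    connected database expects (what SafeSqlLiteral level 1 does by hand).
function findByNameQuoted(PDO $db, string $name): array {
    $sql = "SELECT * FROM tablename WHERE name = " . $db->quote($name);
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// 3. Prepared statement: the value travels separately from the SQL text, so
//    quotes, comment markers and keywords inside $name are only ever data.
function findByNamePrepared(PDO $db, string $name): array {
    $stmt = $db->prepare("SELECT * FROM tablename WHERE name = :name");
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = buildDb();
// Constructed inputs: a real name with an apostrophe, and one that closes the
// quote early. Concatenation fails with a syntax error on the first and matches
// every row on the second; the other two forms compare the whole string as a
// name, so they match one row and zero rows respectively.
foreach (["O'Brien", "x' OR 'a'='a"] as $input) {
    foreach (['concat' => 'findByNameConcat', 'quoted' => 'findByNameQuoted',
              'prepared' => 'findByNamePrepared'] as $label => $fn) {
        try {
            printf("%-8s %-14s -> %d row(s)\n", $label, $input, count($fn($db, $input)));
        } catch (PDOException $e) {
            printf("%-8s %-14s -> SQL error: %s\n", $label, $input, $e->getMessage());
        }
    }
}
```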
mysql_real_escape_string() is one of the most effective ways to overcome SQL injection attacks.
SQL injection is a technique that exploits a vulnerability in the database layer of a web application. The vulnerability is present when user input is incorrectly filtered for string-literal escape characters embedded in SQL statements, or when user input is not strongly typed and is therefore unexpectedly executed. SQL injection can be used by an attacker to introduce code into a program and change the way it accesses and manipulates the database behind a site, system or application.
SQL injection can cripple a web site if you are not careful. One of the most effective ways to prevent SQL injection is to validate each user input well, identifying the meta-characters the database could interpret and filtering them out. Filters should be in place to remove such characters.
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks.
SQL injection refers to the act of someone inserting a MySQL statement to be run on your database without your knowledge. Injection usually occurs when you ask a user for input, like their name, and instead of a name they give you a MySQL statement that you will unknowingly run on your database.
SQL injection: I heard about this phenomenon long ago. Even some professional developers are unaware of how SQL queries can be tampered with. Whenever there is provision for input data from the user side, the possibility of SQL injection is high. SQL command injection is a technique where an attacker or hacker creates or alters existing SQL commands to expose hidden data, to override existing data, or even to execute dangerous system-level commands on the database. Having that knowledge was not sufficient to prevent such an event. After going through the code, it is now easy to implement it effectively.