Commit
Added simple SQL injection example
It's possible (read: highly probable) newer developers will not understand a SQL injection vulnerability without a real example.
briannesbitt committed Aug 4, 2012
1 parent 1bfe89a commit 1cba466
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions _posts/06-01-01-Databases.md
Expand Up @@ -36,8 +36,10 @@ $pdo = new PDO('sqlite:users.db');
$pdo->query("SELECT name FROM users WHERE id = " . $_GET['id']); // <-- NO!
{% endhighlight %}

This is terrible code. You are inserting a raw query parameter into a SQL query. This will get you hacked in a heartbeat. Instead,
you should sanitize the ID input using PDO bound parameters.
This is terrible code. You are inserting a raw query parameter into a SQL query. This will get you hacked in a
heartbeat. Just imagine if a hacker passes in an inventive `id` parameter by calling a URL like
`http://domain.com/?id=1%3BDELETE+FROM+users`. This will set the `$id` variable to `id=1;DELETE FROM users`
which will delete all of your users! Instead, you should sanitize the ID input using PDO bound parameters.

{% highlight php %}
<?php
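Review bot: The added sentence describes the injected value incorrectly and refers to a variable the snippet does not have. The code above the hunk concatenates `$_GET['id']` directly (there is no `$id`), and URL-decoding `id=1%3BDELETE+FROM+users` yields the value `1;DELETE FROM users`, not `id=1;DELETE FROM users`. Suggest rewording to something like: "This makes `$_GET['id']` equal to `1;DELETE FROM users`, so the query becomes `SELECT name FROM users WHERE id = 1;DELETE FROM users`." Two further caveats worth a word in the text: whether the second, stacked statement actually executes depends on the database driver and on the PDO call used, so the safer wording is that the attacker now controls the SQL rather than that the table is certainly deleted; and the closing sentence, kept from the old text, still says "sanitize the ID input using PDO bound parameters", but bound parameters do not sanitize anything, they keep the value separate from the SQL so it is never parsed as code, which is the point the example should make.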
