
SELECT * FROM _TBL WHERE username = '$username'

Status
Not open for further replies.

lynque (IS-IT--Management), Sep 30, 2004
I have a query that executes when I hardcode the username but not when I try to use the session var.

Works:
$q = "SELECT * FROM ".TBL." WHERE username = 'Me'";

Doesn't work:
$q = "SELECT * FROM ".TBL." WHERE username = '$username'";

I have used:
<?php
print_r($_SESSION);
?>
to print out all of my sessions and username is populated so I'm a little confused, is it a syntax issue?

Any help is greatly appreciated
 
Hi

1. There is a big difference between a variable and an array's element.
2. Do not expose your database to SQL injection attacks.

PHP:
$q = "SELECT * FROM ".TBL." WHERE username = '".mysql_real_escape_string($_SESSION['username'])."'";

(mysql_real_escape_string: http://php.net/mysql_real_escape_string/)

Feherke.
 
Thanks feherke,

I've heard a lot about SQL injection attacks but haven't found a definitive guide for protecting my DB, do you know of a link that would serve as a good guide?
 
Hi

Sorry, I know no such link.

However, the base rule is simple: never trust anything you get from the client side. Adapted for this case: escape all data before using it in an SQL statement.


Feherke.
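The two points above (array element versus plain variable, and keeping untrusted data out of the SQL text) in one runnable script. This is an added example, not code from the thread; the TBL constant and the 'username' session key are the thread's own, while the in-memory SQLite database and the sample rows are constructed here so it runs without a MySQL server.

```php
<?php
// Added example. TBL and $_SESSION['username'] come from the thread;
// the SQLite database, table layout and rows are constructed for the demo.
define('TBL', 'users');

// Point 1: $username is an undefined local variable here, so the query from the
// original post silently becomes ... WHERE username = '' and matches nothing.
// The value actually lives in the array element $_SESSION['username'].
function queryFromPost(): string {
    $username = $username ?? '';                 // what PHP sees: no such variable
    return "SELECT * FROM " . TBL . " WHERE username = '$username'";
}

// Point 2, the weak form: interpolating the session value into the SQL text.
// Any quote in the value changes the statement; a legitimate name like
// O'Brien is already enough to break it, and hostile input can do worse.
function queryUnsafe(string $username): string {
    return "SELECT * FROM " . TBL . " WHERE username = '$username'";
}

// Point 2, the safe form: a prepared statement keeps SQL text and data apart,
// so the value never needs escaping (the mysql_real_escape_string() approach
// above is the legacy alternative when a driver offers no placeholders).
function findUser(PDO $pdo, string $username): ?array {
    $stmt = $pdo->prepare("SELECT * FROM " . TBL . " WHERE username = :username");
    $stmt->execute([':username' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed fixture standing in for the poster's MySQL table.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE " . TBL . " (username TEXT PRIMARY KEY, email TEXT)");
$pdo->exec("INSERT INTO " . TBL . " VALUES ('Me', 'me@example.invalid'), ('O''Brien', 'ob@example.invalid')");
$_SESSION = ['username' => "O'Brien"];          // simulated session, no session_start() needed

echo queryFromPost(), PHP_EOL;                    // empty quotes: the original bug
echo queryUnsafe($_SESSION['username']), PHP_EOL; // unbalanced quotes: malformed SQL
try {
    $pdo->query(queryUnsafe($_SESSION['username']));
} catch (PDOException $e) {
    echo "interpolated query failed: ", $e->getMessage(), PHP_EOL;
}
var_dump(findUser($pdo, $_SESSION['username']));  // prepared statement: the O'Brien row
var_dump(findUser($pdo, 'nobody'));               // NULL, no row matched
```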
 
Thanks again,

Googling now.
 
Try:

echo $q;
exit;

See if the string itself looks right.
 
The PHP manual also has a nice chapter on database security AND it gives an example of injection attacks. By the way, injection is not something restricted to databases. Mail header injection and even HTTP header injection exist, among others. Especially mail header injection is abused a lot in the wild.

If you want to program for the big bad internet, I can only recommend reading a good book on web programming security first. Alas the web lost its innocence...

+++ Despite being wrong in every important aspect, that is a very good analogy +++
Hex (in Darwin's Watch)
 