SQL Injections in PHP

General discussion on PHP

SQL Injections in PHP

Postby sand9364 on Tue May 16, 2017 6:07 pm

Can Anybody List out some SQL injections queries to inject in a Php website which is vulnerable.
Posts: 1
Joined: Tue May 16, 2017 6:05 pm

Re: SQL Injections in PHP

Postby jess9156 on Fri Oct 20, 2017 8:05 am

here are some of the SQL injection queries that will be useful for you.

SQL Injection Based on 1=1 is Always True
SELECT * FROM Users WHERE UserId = 105 OR 1=1;
SELECT UserId, Name, Password FROM Users WHERE UserId = 105 or 1=1;

SQL Injection Based on ""="" is Always True
uName = getRequestString("username");
uPass = getRequestString("userpassword");

sql = 'SELECT * FROM Users WHERE Name ="' + uName + '" AND Pass ="' + uPass + '"'

SQL Injection Based on Batched SQL Statements
txtUserId = getRequestString("UserId");
txtSQL = "SELECT * FROM Users WHERE UserId = " + txtUserId;
Posts: 1
Joined: Fri Oct 20, 2017 7:56 am

Re: SQL Injections in PHP

Postby arse4356 on Mon Dec 11, 2017 3:20 pm

PHP is a server-side scripting language designed for web development but also used as a general-purpose programming language. Originally created by Rasmus Lerdorf in 1994, the PHP reference implementation is now produced by The PHP Group.
Posts: 3
Joined: Mon Dec 11, 2017 3:08 pm

Re: SQL Injections in PHP

Postby andr8558 on Mon Jan 22, 2018 10:38 am

You should always be careful when dealing with PHP or any other languages because security is the number one factor!
Posts: 22
Joined: Thu Jan 11, 2018 5:45 pm

Return to PHP

Who is online

Users browsing this forum: No registered users and 1 guest