[22663] in bugtraq
Re: MySQL (was Re: Notice about seconds overroll - S7K bug)
daemon@ATHENA.MIT.EDU (Radu Rendec)
Mon Sep 17 12:34:07 2001
Message-Id: <200109171233.f8HCXTF11608@Master.iNES.RO>
Date: Mon, 17 Sep 2001 15:34:48 +0300
From: Radu Rendec <radu.rendec@ines.ro>
To: Dennis Murphy <dmurphy@nbvb.com>
Cc: bugtraq@securityfocus.com
In-Reply-To: <Pine.LNX.4.20.0109161615420.410-100000@gozer.nbvb.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
On Sun, 16 Sep 2001 16:24:30 -0400 (EDT)
Dennis Murphy <dmurphy@nbvb.com> wrote:
DM> The way I dealt with this in PHP is by writing a function to validate input
DM> (i.e. Make sure there's nothing but an integer coming in as a parameter).
DM> There's probably a half-dozen ways to rewrite this function more efficiently,
DM> but at least it works...
If speed is a concern, there are faster methods to validate GET/POST data.
One is to cast to int in PHP, like:
$query="select * from my_table where id=".((int)$id);
However, there might be a problem if int is internally represented in
lower precision in PHP than it is in SQL. Another method is to enclose the
variable contents in quotes:
$query="select * from my_table where id='".addslashes($id)."'";
--
Radu Constantin Rendec
Web Solutions Manager
iNES Advertising ( http://www.ines.ro )
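The check Radu describes, as an added example that is not code from this thread or from either poster. The thread is about PHP ((int) cast versus addslashes()); this is a Python/sqlite3 translation of the same idea so it runs offline. It compares the raw splice that the validation is meant to prevent with a strict integer whitelist followed by a bound parameter, and it addresses the precision caveat by checking the parsed value against the SQL column's own range instead of trusting the width of the language's native int. The table name, the assumed BIGINT column, the sample rows and the hostile input are all constructed for the example.

```python
"""Validating an integer GET/POST parameter before it reaches SQL.

Added example, not code from the bugtraq thread.  Python/sqlite3 stands in
for PHP/MySQL so the example can be executed offline; the table, column
type, sample rows and hostile input are constructed for the demonstration.
"""
import re
import sqlite3

# Assumption: the id column is a signed 64-bit integer (BIGINT).  Checking
# the range explicitly, rather than relying on how wide the language's int
# happens to be, is what addresses the precision concern raised in the thread.
ID_MIN, ID_MAX = 0, 2**63 - 1

# Plain decimal digits only: no sign, no whitespace, no hex, no exponent,
# nothing trailing.  A cast would silently truncate "1 OR 1=1" to 1; a
# whitelist rejects it so the attempt is visible instead of masked.
_INT_RE = re.compile(r"^[0-9]{1,19}$")


def validate_id(raw):
    """Return the integer value of `raw`, or None if it is not a decimal
    integer within the column's range."""
    if not isinstance(raw, str) or not _INT_RE.match(raw):
        return None
    value = int(raw, 10)
    if value < ID_MIN or value > ID_MAX:
        return None
    return value


def _db():
    """In-memory table with a few constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE my_table (id INTEGER PRIMARY KEY, owner TEXT)")
    conn.executemany("INSERT INTO my_table VALUES (?, ?)",
                     [(1, "alice"), (2, "bob"), (3, "carol")])
    return conn


def query_unvalidated(conn, raw_id):
    """The pattern the thread is fixing: the request value spliced into SQL."""
    return conn.execute("SELECT owner FROM my_table WHERE id=" + raw_id).fetchall()


def query_validated(conn, raw_id):
    """Whitelist the value first, then bind it as an integer parameter."""
    value = validate_id(raw_id)
    if value is None:
        return []
    return conn.execute("SELECT owner FROM my_table WHERE id=?", (value,)).fetchall()


def demo():
    """Run both query styles against a constructed injection attempt."""
    conn = _db()
    hostile = "1 OR 1=1"  # constructed hostile parameter
    return {
        "unvalidated": query_unvalidated(conn, hostile),  # every row leaks
        "validated": query_validated(conn, hostile),      # rejected, no rows
        "good": query_validated(conn, "2"),               # normal lookup
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

The range check is the part that the (int) cast in the message cannot give you: a value such as 9223372036854775808 has only decimal digits, so a digit-only test accepts it, but it does not fit a signed 64-bit column and is rejected here rather than being wrapped or saturated on its way into the query.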