[28969] in bugtraq
Re: PHPNuke SQL Injection / General SQL Injection
daemon@ATHENA.MIT.EDU (David Walker)
Fri Feb 21 16:40:03 2003
From: David Walker <bugtraq@grax.com>
Reply-To: bugtraq@securityfocus.com
To: bugtraq@securityfocus.com
Date: Fri, 21 Feb 2003 15:21:12 -0600
In-Reply-To: <20030220203611.17077.qmail@www.securityfocus.com>
Message-Id: <200302211521.12548@grx>

When programming a system that creates SQL strings based on passed-in integers,
i.e.

    where some_int=$variable_from_querystring

you must always do a check to confirm that that variable contains only numeric
data.

An alternate fix on SQL servers that allow the format

    where some_int='1234' -- (quoted numbers)

would be to do

    where some_int='replace($variable_from_querystring,"'","''")'

This would cause a more than likely harmless error to occur whenever a character
occurs within the passed-in numeric/integer variable.
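
Added example, not part of the original post: the two fixes described above, run against an in-memory SQLite database next to the unchecked query, with parameter binding included for comparison. The table, column and function names are assumptions made for the illustration, and Python's sqlite3 stands in for whatever database the application uses.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data: one public row, one that should stay hidden.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE stories (sid INTEGER, title TEXT)")
    db.executemany("INSERT INTO stories VALUES (?, ?)",
                   [(1, "public"), (2, "hidden draft")])
    return db

def unsafe_lookup(db, raw):
    # The pattern the post warns about: the request value is pasted into
    # the statement as a bare integer, so "1 OR 1=1" rewrites the WHERE clause.
    return db.execute("SELECT title FROM stories WHERE sid=" + raw).fetchall()

def checked_lookup(db, raw):
    # First fix from the post: accept the value only if it is purely numeric.
    # [0-9] is used instead of \d so non-ASCII digits are rejected too.
    if not re.fullmatch(r"[0-9]+", raw):
        raise ValueError("sid must contain only digits")
    return db.execute("SELECT title FROM stories WHERE sid=" + raw).fetchall()

def quoted_lookup(db, raw):
    # Alternate fix from the post: write the number as a quoted literal and
    # double every embedded single quote, so the value cannot leave the literal.
    # SQLite compares the non-numeric text to the integer column and finds no
    # match instead of raising the error the post expects on other servers.
    escaped = raw.replace("'", "''")
    return db.execute(
        "SELECT title FROM stories WHERE sid='" + escaped + "'").fetchall()

def bound_lookup(db, raw):
    # For comparison: a bound parameter is never parsed as SQL at all.
    return db.execute(
        "SELECT title FROM stories WHERE sid=?", (raw,)).fetchall()

if __name__ == "__main__":
    db = make_db()
    for value in ("1", "1 OR 1=1", "1' OR '1'='1"):
        print(repr(value), "quoted ->", quoted_lookup(db, value),
              "bound ->", bound_lookup(db, value))
```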