Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Is PHP's addslashes vulnerable to sql injection attack?
- $user = addslashes($_POST['user']);
- $pass = sha1($_POST['pass']);
- $sql = "SELECT * FROM admins WHERE user = '".$user."' AND `pass` = '".$pass."'";
- $nums = mysql_num_rows(mysql_query($sql));
- if($nums==1){
- $_SESSION['admin_user'] = $user;
- $_SESSION['admin_pass'] = $pass;
- "SELECT * FROM admins WHERE id = $id"
- "SELECT * FROM admins WHERE id = 1 OR 1=1"
- Example #1 An addslashes() example
- <?php
- $str = "Is your name O'reilly?";
- // Outputs: Is your name O'reilly?
- echo addslashes($str);
- $query = sprintf("SELECT `username`,`password`
- FROM admins
- WHERE user = '%s'
- AND `pass` = '%s'",
- $user, $pass);
Add Comment
Please, Sign In to add comment