Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $link = mysql_connect('localhost', 'root', '');
- if (!$link) {
- die('Could not connect: ' . mysql_error());
- }
- if (!mysql_select_db('test')) {
- die('Could not select database: ' . mysql_error());
- }
- var_dump($_REQUEST);
- $safe = True;
- if (isset($_GET['id'])) {
- # If id is not numeric than it probably isn't safe.
- if (!is_numeric($_GET['id'])) {
- $safe = False;
- }
- # Test the value of id with a "safe" query to determine if SQLi or not.
- $query = mysql_query("SELECT 1 FROM users WHERE 1=" . $_GET['id']);
- # If query doesn't run than there is most likely no risk of SQLi.
- if (!$query)
- $safe = True;
- # Value of id is not safe, possible SQLi.
- if (!$safe)
- die("SQL INJECTION DETECTED");
- # Our "safe" query did not execute, should be safe to run on real query.
- $query = mysql_query("SELECT username FROM users WHERE id=" . $_GET['id']);
- if (!$query) {
- die('Could not query:' . mysql_error());
- }
- echo '<pre>';
- print_r(mysql_fetch_row($query));
- echo '</pre>';
- } else
- echo "Did not find a value for id.";
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement