q5.php
<?php
/**
## Question 5 - Basic SQL
Please consider the following:
```php
$place = "Jimmy's Place";
$sql = "INSERT INTO place(name) VALUES('{$place}')";
$this->db->query($sql);
```
Is this going to be valid, or will it produce an error? And if there is an error, what is it and how can it be fixed?
*/
/**
This code introduces an SQL injection vulnerability, whereby a user could cause the server to execute malicious queries
by defining the string $place to contain a closing query segment '); followed by an arbitrary query.
It can be prevented by using either prepared statements, or escaped strings which replace special characters like quotes with safe representations.
*/
// Prepared statement example: the SQL text and the value are sent separately,
// so the apostrophe in "Jimmy's Place" is never parsed as part of the query.
$place = "Jimmy's Place";
$sql = "INSERT INTO place(name) VALUES (?)";
$stmt = $this->db->prepare($sql);
$stmt->bind_param("s", $place); // "s" binds $place as a string parameter
$stmt->execute();
$stmt->close();

// Escaped strings example: escape_string() (an alias of real_escape_string())
// backslash-escapes quotes and other special characters before interpolation.
$place = "Jimmy's Place";
$escaped_place = $this->db->escape_string($place);
$sql = "INSERT INTO place(name) VALUES('{$escaped_place}')";
$this->db->query($sql);
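The following is an added, runnable demonstration (not part of the original q5.php answer) that executes all three variants of the INSERT against an in-memory SQLite database through PDO, which is assumed here in place of the `$this->db` mysqli wrapper used in the question; it requires the `pdo_sqlite` extension. It shows that the interpolated query is rejected because the apostrophe terminates the string literal early, while the prepared and escaped variants store the value intact.

```php
<?php
// Added example: compare interpolated, prepared and escaped INSERTs.
// Assumes PDO with the pdo_sqlite driver; the table is created inline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE place (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');

$place = "Jimmy's Place"; // same value as in the question

// 1. String interpolation, exactly as written in the question. The apostrophe
//    closes the SQL string literal after "Jimmy", leaving "s Place')" as stray
//    tokens, so the statement is malformed and the driver throws.
try {
    $db->exec("INSERT INTO place(name) VALUES('{$place}')");
    echo "interpolated: inserted (unexpected)\n";
} catch (PDOException $e) {
    echo "interpolated: error -> " . $e->getMessage() . "\n";
}

// 2. Prepared statement with a positional placeholder: the value is bound
//    separately from the SQL text, so the apostrophe is treated as data only.
$stmt = $db->prepare('INSERT INTO place(name) VALUES (?)');
$stmt->execute([$place]);
echo "prepared: inserted\n";

// 3. Escaping: PDO::quote() returns the value wrapped in single quotes with
//    embedded quotes doubled ('Jimmy''s Place'), which is SQLite's rule.
//    Unlike mysqli::escape_string(), it adds the surrounding quotes itself,
//    so the SQL template must not add its own.
$quoted = $db->quote($place);
$db->exec("INSERT INTO place(name) VALUES({$quoted})");
echo "escaped: inserted\n";

// Both safe variants stored the original string unchanged.
foreach ($db->query('SELECT name FROM place ORDER BY id') as $row) {
    echo "stored: " . $row['name'] . "\n";
}
```

Running it prints one error line for the interpolated variant followed by two `stored: Jimmy's Place` lines for the prepared and escaped inserts.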