• This is a read only backup of the old Emudevs forum. If you want to have anything removed, please message me on Discord: KittyKaev

[SECURITY] How To Patch SQL Injection And XSS Vulnerability

ImperialDev

Enthusiast
Hello,
First of all, sorry about my bad English, but I will try to explain clearly.
I'm not very pro at this, but I know something about it and wanted to share.
We have two common hacking methods for hacking websites:
  • SQL Injection
  • XSS (Cross Site Scripting)
Step 1) SQL Injection Vulnerability
This vulnerability appears when the programmer uses the GET or POST method.

Example:
PHP:
<?php
// Vulnerable: the raw query parameter is pasted straight into the SQL text.
$postid = $_GET['id'];
$result = mysqli_query($con, "SELECT * FROM `post` WHERE `id`=$postid");
?>
And the URL will be www.site.com/index.php?id=5

Now, how to fix!
If our postid or articleid or anything else is a number, we can use the intval function like this:
PHP:
<?php
// intval() forces the value to an integer, so only digits reach the query.
$postid = intval($_GET['id']);
$result = mysqli_query($con, "SELECT * FROM `post` WHERE `id`=$postid");
?>

Else, if our postid or articleid or anything else is a number or a string, we can use the mysql_real_escape_string function like this:
PHP:
<?php
// Escaping needs the mysqli connection, and it only protects a value that
// sits inside quotes in the SQL, so the placeholder is quoted here.
$postid = mysqli_real_escape_string($con, $_GET['id']);
$result = mysqli_query($con, "SELECT * FROM `post` WHERE `id`='$postid'");
?>

Step 2) XSS (Cross Site Scripting) Vulnerability
This vulnerability is based on some HTML, CSS or JavaScript scripting. For example, this script has an XSS vulnerability:
PHP:
<?php
// Vulnerable: user input is echoed into the page without encoding.
$text = $_GET['search'];
echo $text;
?>

Now, how to fix!
To patch this vulnerability we can use the htmlentities and htmlspecialchars functions like this:
PHP:
<?php
$text = htmlspecialchars($_GET['search']);
echo $text;
?>

OR

PHP:
<?php
$text = htmlentities($_GET['search']);
echo $text;
?>

Hope you enjoy,
ImperialDev
 
Last edited:
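The two fixes above, carried through as an added example (not code from the original post) using the tools current PHP provides: a mysqli prepared statement for the query, and output encoding for the page. The mysql_* extension the post names was removed in PHP 7, so the escaping route does not run on a modern install anyway. The example assumes the thread's setup: a mysqli connection $con and a `post` table with `id` and `title` columns; the DB_* strings are placeholders.

```php
<?php
// Added example, not code from the original post. It assumes the same setup
// as the thread: a mysqli connection $con and a `post` table with `id` and
// `title` columns; the DB_* values are placeholders.
declare(strict_types=1);

$con = new mysqli('localhost', 'DB_USER', 'DB_PASSWORD', 'DB_NAME');
// Tell the driver the connection charset so it and the server agree on
// what a multi-byte character is; escaping functions depend on this too.
$con->set_charset('utf8mb4');

// SQL injection fix: a prepared statement sends the SQL text and the values
// separately, so a value such as "5 OR 1=1" cannot alter the query.
function fetchPostById(mysqli $con, string $rawId): ?array
{
    // Validate first: only a plain positive integer is an acceptable id.
    if (!ctype_digit($rawId) || $rawId === '0') {
        return null;
    }
    $id = (int) $rawId;
    $stmt = $con->prepare('SELECT `id`, `title` FROM `post` WHERE `id` = ?');
    $stmt->bind_param('i', $id);                 // 'i' binds an integer
    $stmt->execute();
    $stmt->bind_result($foundId, $title);
    $row = $stmt->fetch() ? ['id' => $foundId, 'title' => $title] : null;
    $stmt->close();
    return $row;
}

// The same fix covers strings; no escaping function is involved. LIKE
// wildcards are escaped separately, because binding does not do that.
function searchPosts(mysqli $con, string $term): array
{
    $pattern = '%' . addcslashes($term, '%_\\') . '%';
    $stmt = $con->prepare('SELECT `id`, `title` FROM `post` WHERE `title` LIKE ?');
    $stmt->bind_param('s', $pattern);            // 's' binds a string
    $stmt->execute();
    $stmt->bind_result($id, $title);
    $rows = [];
    while ($stmt->fetch()) {
        $rows[] = ['id' => $id, 'title' => $title];
    }
    $stmt->close();
    return $rows;
}

// XSS fix: encode at the moment of output, for the HTML context the value
// lands in. ENT_QUOTES also encodes single quotes, so the value is safe in
// attribute values; ENT_SUBSTITUTE keeps invalid UTF-8 from emptying output.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$rawId  = (string) ($_GET['id'] ?? '');
$search = (string) ($_GET['search'] ?? '');
$post   = fetchPostById($con, $rawId);
$hits   = $search !== '' ? searchPosts($con, $search) : [];
?>
<form method="get">
  <input type="text" name="search" value="<?= h($search) ?>">
</form>
<?php if ($post !== null): ?>
  <h1><?= h($post['title']) ?></h1>
<?php endif; ?>
<ul>
<?php foreach ($hits as $hit): ?>
  <li><a href="index.php?id=<?= (int) $hit['id'] ?>"><?= h($hit['title']) ?></a></li>
<?php endforeach; ?>
</ul>
```

The point to take from it: validation (ctype_digit, intval) and encoding (htmlspecialchars) are two different controls for two different sinks. The first keeps bad data out of the query, but parameter binding is what makes the query itself safe regardless of the value; the second is applied where the value is written into HTML, not where it is read, and with an explicit charset so the encoder and the browser agree.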

Vitrex

Moderator
Mate, I won't be rude, but....
Use PDO for that; we don't need to go back in time, the newest PHP already doesn't support the mysql functions.
We have PDO functions which are much more secure than MySQL.
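What the PDO route looks like in practice, as an added example (not code from any post in the thread). The DSN and credentials are placeholders, and the `author` and `body` columns are assumptions added for illustration; the `post` table and `id` column are the ones from the thread.

```php
<?php
// Added example, not from the thread. DSN/credentials are placeholders;
// `author` and `body` are assumed columns on the thread's `post` table.
declare(strict_types=1);

function connect(): PDO
{
    $dsn = 'mysql:host=localhost;dbname=DB_NAME;charset=utf8mb4';
    return new PDO($dsn, 'DB_USER', 'DB_PASSWORD', [
        PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION, // fail loudly
        PDO::ATTR_EMULATE_PREPARES   => false, // real server-side prepares, not client-side quoting
        PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
    ]);
}

// Named placeholder bound as an integer: the value never touches the SQL text.
function fetchPost(PDO $pdo, int $id): ?array
{
    $stmt = $pdo->prepare('SELECT `id`, `title`, `body` FROM `post` WHERE `id` = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch();
    return $row === false ? null : $row;
}

// Same pattern for a string value: still no escaping function involved.
function findByAuthor(PDO $pdo, string $author): array
{
    $stmt = $pdo->prepare('SELECT `id`, `title` FROM `post` WHERE `author` = :author');
    $stmt->execute([':author' => $author]);
    return $stmt->fetchAll();
}

// Input validation stays separate from query building. filter_input returns
// null when the parameter is absent and false when it is not an integer.
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($id === null || $id === false) {
    http_response_code(400);
    exit('Invalid post id');
}
$post = fetchPost(connect(), $id);
```

Turning off emulated prepares matters for the security claim: with emulation on, PDO quotes the values client-side and sends one combined string, which is still correct but depends on the driver knowing the connection charset; with it off, MySQL receives the statement and the parameters separately.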
 

Toxic

Enthusiast
Mate, I won't be rude, but....
Use PDO for that; we don't need to go back in time, the newest PHP already doesn't support the mysql functions.
We have PDO functions which are much more secure than MySQL.
This is still good for those who are using old versions of PHP (under 5.1). They should also note:
" PDO provides a data-access abstraction layer, which means that, regardless of which database you're using, you use the same functions to issue queries and fetch data. PDO does not provide a database abstraction; it doesn't rewrite SQL or emulate missing features. You should use a full-blown abstraction layer if you need that facility. "

Besides, it's always good to know how to fix SQLi ;)
 