I'm thinking about how to protect a web page from blind SQL injection (when there is no error) and from SQL injection (which starts working from an error).
If I use, for example:
1) mysql_real_escape_string
2) if(!preg_match("/^[0-9]*$/", $variable)) exit();
Are these 2 pieces of code enough?
Could you give me some advice, please?
Now I'm writing a script and I'll show you...
I have just written this for $_GET[]:
<?php
function Set($value)
{
    // redirect if $_GET[$value] is missing (NULL)
    if (!isset($_GET[$value])) {
        header("Location: /index.php");
        exit();
    }
    $temp = $_GET[$value];
    // redirect if $_GET[$value] is not made only of digits
    // (the "+" requires at least one digit, so an empty value is rejected too)
    if (!preg_match("/^[0-9]+$/", $temp)) {
        header("Location: /index.php");
        exit();
    }
    $check = mysql_query("SELECT * FROM table WHERE id=$temp");
    // redirect if no row matches
    if (mysql_num_rows($check) == 0) {
        header("Location: /index.php");
        exit();
    }
    // $_GET[$value] is set, is a number and the row exists
    return $temp;
}
$id = mysql_real_escape_string(Set("id")); // then pass it through mysql_real_escape_string
?>
Maybe mysql_real_escape_string is not a necessity here, is it? Is this script good?
$_POST[]
For example, I don't want <> tags in my letters, for example <script> and so on. What can I do? Replace < with [ or something like this?
And please give me some advice about blind injection.
Edited by WingedPanther, 23 February 2011 - 05:32 PM.
Quadruple post
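The following is an added example and not the poster's code: the same id lookup rewritten with a PDO prepared statement, which answers both the "SQL injection" and the "blind SQL injection" parts of the question in the same way, since the value is bound as a parameter and never concatenated into the query text, and so cannot change the query's structure whether or not errors are displayed. The table name `table`, the column `id`, the form field `letter`, and the DSN/credentials are placeholders. The last function addresses the $_POST question: rather than replacing `<` with `[`, store the text unchanged and encode it with htmlspecialchars when it is printed into HTML.

```php
<?php
// Added example (not the poster's code). Placeholders: table "table",
// column "id", form field "letter", DSN and credentials.

declare(strict_types=1);

/**
 * Validate a request parameter as a positive integer id.
 * Returns null when the parameter is missing or is not a plain integer.
 * Unlike /^[0-9]*$/ this also rejects the empty string, which would
 * otherwise produce "WHERE id=" and a syntax error.
 */
function readId(array $params, string $name): ?int
{
    if (!isset($params[$name])) {
        return null;
    }
    $id = filter_var($params[$name], FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 1],
    ]);
    return $id === false ? null : $id;
}

/**
 * Fetch one row by id. The SQL text is constant; the id travels as a
 * typed bound parameter, so no escaping step is needed and the query
 * structure cannot be altered by the input (blind or not).
 */
function fetchRowById(PDO $pdo, int $id): ?array
{
    $stmt = $pdo->prepare('SELECT * FROM `table` WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

/**
 * Output encoding for free text submitted via $_POST. The stored text is
 * kept as the user wrote it; when it is printed into an HTML page the
 * special characters are encoded, so "<script>" is displayed literally
 * and not interpreted by the browser.
 */
function escapeForHtml(string $text): string
{
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Usage with placeholder connection details.
$pdo = new PDO('mysql:host=localhost;dbname=DBNAME;charset=utf8mb4', 'USER', 'PASSWORD', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false, // use real server-side prepared statements
]);

$id = readId($_GET, 'id');
if ($id === null) {
    header('Location: /index.php');
    exit();
}
$row = fetchRowById($pdo, $id);
if ($row === null) {
    header('Location: /index.php');
    exit();
}

// Free text from a form, encoded only at the moment it is output as HTML.
echo escapeForHtml($_POST['letter'] ?? '');
```

With this shape, mysql_real_escape_string is not needed at all for the id: the integer check decides whether the request is accepted, and the prepared statement carries the value to the database separately from the SQL. Escaping for HTML is a different concern from escaping for SQL, which is why it is done in its own function at output time rather than by rewriting the stored text.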