sql-injection

问题 I have the following function that writes into a PostgreSQL database. I need to make it safe from SQL injection however I am not sure how to do that. The part of the query assembled from pg_query_params is safe from injection (or so I have been told) however the other part of the assembled query via PHP's string concatenation . is apparently vulnerable to injection. private function setItem($table, $id, $field, $itemId, $fieldValue){ $_1 = $itemId; $_2 = $fieldValue; $_3 = $field; $_4 =

问题 I am currently implementing a Vapor 4 application, which will be used to manage machines. The user should be able to search for a machine name, which I accomplished by .filter(Machine.path(for: \Machine.$name), .contains(inverse: false, .anywhere), term) where term is an arbitrary String provided by the user. The code itself works as intended, but I was wondering if there is the possibility of a SQL Injection vulnerability (or other attacks). My Question: Is SQL Injection (or other attacks)

问题 I need to insert a string defined in Javascript into an MSSQL table. This is what I have so far: Javascript: var message = "It's a great day today!"; $.post('www.server.com/message='+message, function(response){ console.log(response); }); Node.js Server: //..... a bunch of code has been used to accept the HTTP request and get the message... // for the purpose of this example, the message is asigned to 'NodeMsg' var mssqldb = require("../core/mssql"); var NodeMsg =

问题 I am currently being attacked with a URL of the form: /act/test.php?CourseId=66'+and(%2f**%2fsElEcT+1+%2f**%2ffRoM(%2f**%2fsElEcT+count(*),%2f**%2fcOnCaT((%2f**%2fsElEcT(%2f**%2fsElEcT(%2f**%2fsElEcT+%2f**%2fcOnCaT(0x217e21,ifnull(MailingDate,char(32)),0x217e21)+%2f**%2ffRoM+contin5_Mailing.Customers+%2f**%2flImIt+1400,1))+%2f**%2ffRoM+information_schema.%2f**%2ftAbLeS+%2f**%2flImIt+0,1),floor(rand(0)*2))x+%2f**%2ffRoM+information_schema.%2f**%2ftAbLeS+%2f**%2fgRoUp%2f**%2fbY+x)a)+and+'1'='1

问题 I am currently being attacked with a URL of the form: /act/test.php?CourseId=66'+and(%2f**%2fsElEcT+1+%2f**%2ffRoM(%2f**%2fsElEcT+count(*),%2f**%2fcOnCaT((%2f**%2fsElEcT(%2f**%2fsElEcT(%2f**%2fsElEcT+%2f**%2fcOnCaT(0x217e21,ifnull(MailingDate,char(32)),0x217e21)+%2f**%2ffRoM+contin5_Mailing.Customers+%2f**%2flImIt+1400,1))+%2f**%2ffRoM+information_schema.%2f**%2ftAbLeS+%2f**%2flImIt+0,1),floor(rand(0)*2))x+%2f**%2ffRoM+information_schema.%2f**%2ftAbLeS+%2f**%2fgRoUp%2f**%2fbY+x)a)+and+'1'='1

问题 How can I prevent SQL injection attacks in Go while using "database/sql"? This solves the single value field problem because you can remove the quotes, but I can't do that filtering a JSON/JSONB field, like in the following because the $1 is considered a string: `SELECT * FROM foo WHERE bar @> '{"baz": "$1"}'` The following works but it's prone to SQL Injection: `SELECT * FROM foo WHERE bar @> '{"baz": "` + "qux" + `"}'` How do I solve this? EDITED after @mkopriva's comment: How would I build

问题 I need to demonstrate SQL Inject using PHP/MySQL. I want to inject a DROP TABLE query in a login form but it never works. (TRUNCATE table works fine OTOH). After I input '; drop table users; # as field input; query turns out to be SELECT * FROM `users` WHERE `email` = ''; DROP TABLE users; #' AND `password` LIKE '3232'; But it never works using mysql_query() function. When I copy/paste this query in PHPmyAdmin directly, it works perfectly and table gets dropped. What can be the issue? 回答1:

问题 Since all SQL queries should be prepared to prevent SQL injections, why are we allowed to write and execute non-prepared queries? Doesn't this seem counterintuitive? 回答1: In cases where the query is a fixed string and does not need any program variables, it's safe to use query() to run it. Here's the example from https://www.php.net/manual/en/pdo.query.php: <?php $sql = 'SELECT name, color, calories FROM fruit ORDER BY name'; foreach ($conn->query($sql) as $row) { print $row['name'] . "\t";

问题 So I've made a form where you login from a DB. Code should be self explanatory. private void button1_Click(object sender, EventArgs e) { try { string MyConnection = "datasource=localhost;port=3306;username=root;password=xdmemes123"; MySqlConnection myConn = new MySqlConnection(MyConnection); MySqlCommand SelectCommand = new MySqlCommand("select * from life.players where DBname='" + this.username.Text + "' and DBpass='" + this.password.Text +"' ; ", myConn); MySqlDataReader myReader; myConn

问题 I am using ruby 1.8.7 and rails 2.3.2 The following code is prone to sql injection params[:id] = "1) OR 1=1--" User.delete_all("id = #{params[:id]}") My question is by doing the following will be the best solution to avoid sql injection or not. If not then what is the best way to do so? User.delete_all("id = #{params[:id].to_i}") 回答1: What about: User.where(id: params[:id]).delete_all Ok sorry for Rails 2.x its: User.delete_all(["id = ?", params[:id]]) Check doc Btw, be sure you want to use