PHP Classes
elePHPant
Icontem

You've got a big SQL Injection problem in for example your sh...

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us

      Reviews  >  All threads  >  You've got a big SQL Injection...  >  (Un) Subscribe thread alerts  
Subject:You've got a big SQL Injection...
Summary:Package rating comment
Messages:3
Author:Kai Dorschner
Date:2009-08-03 09:14:33
Update:2009-08-03 10:15:05
 

Kai Dorschner rated this package as follows:

Utility: Sufficient
Consistency: Insufficient
Documentation: Sufficient
Examples: Good

  1. You've got a big SQL Injection...   Reply   Report abuse  
Picture of Kai Dorschner Kai Dorschner - 2009-08-03 09:14:33
You've got a big SQL Injection problem in for example your showRating(); method. You parametrized $_GET['item_id']; without ANY check (htmlentities, or else). This var is directly inserted into a MYSQL string!

Be careful with SQL.

Greets,
Kai

  2. Re: You've got a big SQL Injection...   Reply   Report abuse  
Picture of Manish Khanchandani Manish Khanchandani - 2009-08-03 09:35:00 - In reply to message 1 from Kai Dorschner
$_GET['item_id'] is taken as an example of how you will use this class. It is upto you how you take the item_id or product_id or any unique key id in your application. If you want, you can pass item id with htmlentities. I have given one example of how to use this class.

  3. Re: You've got a big SQL Injection...   Reply   Report abuse  
Picture of Kai Dorschner Kai Dorschner - 2009-08-03 10:15:05 - In reply to message 2 from Manish Khanchandani
Your answer is quite correct, but don't you think for encapsulation and usability reasons it's better to to implement the SQL-checking-routine inside your classes so nobody has to grapple with those sticky things.


Btw. you should even document that one has to implement this routine, if you won't implement it by yourself. Not everyone is that save to handle that problem.

Greets,
Kai