PHP Classes

class_sql_inject: Detect attempts to perform SQL injection attacks

Recommend this page to a friend!
  Info   View files View files (3)   DownloadInstall with Composer Download .zip   Reputation   Support forum   Blog    
Last Updated Ratings Unique User Downloads Download Rankings
2003-10-05 (13 years ago) RSS 2.0 feedStarStarStar 44%Total: 7,104 All time: 261 This week: 1,090Down
Version License Categories
class_sql_inject 1.0GNU General Publi...Databases, Security
Description Author

This class is meant to search in your SQL data values for special characters that may change the meaning of your SQL data and execute actions that may compromise the security of servers.

When some of these suspicious character sequences is found in HTTP POST request values ($_POST), you can:
- Destroy the current session
- Redirect to a new page
- Log the activity

To check the request values do the following:

$bDestroy_session = TRUE;
$url_redirect = 'index.php';
$sqlinject = new sql_inject('./path_to_log.log',$bDestroy_session,$url_redirect);

This class requires PHP 4 or later.

Notice: this class recognise only some of the known types of SQL injection methods and so it is not yet ready to deal with all possible ways to perform this kind of attack.

Picture of MARY Matthieu
Name: MARY Matthieu <contact>
Classes: 19 packages by
Country: France, Metropolitan France, Metropolitan
Age: 37
All time rank: 251 in France, Metropolitan France, Metropolitan
Week rank: 386 Down1 in France, Metropolitan France, Metropolitan Equal

  Files folder image Files  
File Role Description
Plain text file class_sql_inject.php Class class file
Accessible without login Plain text file class_sql_inject_examples.php Example an examples of some SQL_injections attempt detect by the class
Accessible without login Plain text file LICENCE Lic. copy of GPL licence

 Version Control Unique User Downloads Download Rankings  
This week:0
All time:261
This week:1,090Down
 User Ratings  
 All time