I have project developed using cakephp 1.3 and for testing I used SQL Inject

Question

0

Asked: May 24, 20262026-05-24T13:52:45+00:00 2026-05-24T13:52:45+00:00

I have project developed using cakephp 1.3 and for testing I used SQL Inject

0

I have project developed using cakephp 1.3 and for testing I used SQL Inject me addon (firefox)

From cakephp manual, what I understood is, the save() and find() methods will automatically protect the data from SQL injection. But while running “SQL inject me” test, I am always getting failures as result.

For ex: Results:
Server Status Code: 302 Found
Tested value: 1′ AND 1=(SELECT COUNT(*) FROM tablenames); —
Server Status Code: 302 Found
Tested value: ‘; DESC users; —
Server Status Code: 302 Found
Tested value: 1’1

I have tried with cakephp santize methods, then also I am getting the errors in “sql inject me”.

Any help ?

Sample code

$this->data['User'] = Sanitize::clean($this->data['User'], array('encode' => false));
$this->User->save($this->data);

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-24T13:52:45+00:00

Editorial Team

2026-05-24T13:52:45+00:00Added an answer on May 24, 2026 at 1:52 pm

How to fix Server Status Code: 302 Found by SQL Inject Me Firefox Addon

that error shows that the sql injection has been prevented. You don’t need Sanitize for SQL injection, but for XSS.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have project developed using cakephp 1.3 and for testing I used SQL Inject

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply