Home/ Questions/Q 6031317
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T05:09:56+00:00

i was trying to check a web site for an sql injection attack and

  • 0

i was trying to check a web site for an sql injection attack and amazed to see it not very very simple to prevent because below is the simple code . 

$sql="select * from user_acount where login_id='".$username."' and password='".$password."' and status='1' ";

i can not do any sql injection to test it. i wrote the following

1st Attempt to check sql injection

Login:  admin'--
Password:'i typed nothing here '

Result Wrong password you cannot login.

2nd: 

Login:  admin or 1=1 --' 
Password:''

Result Wrong password you cannot login.

3rd: 

Login:  admin' or 1=1 
Password:''

4th:
Login: admin or 1=1′–
Password:”

Result Wrong password you cannot login.

Can anyone please explain what is stopping me ? i am not using prepared statements nor i am using any filter class neither i have real_escape_string ?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Two possibilities:

    1. There is no login_id with admin, therefore the query looks like:

      select * from user_acount where login_id='admin'

    2. magic_quotes have been enabled, resulting in queries like:

      select * from user_acount where login_id='admin\'--' and password='' and status='1'
select * from user_acount where login_id='admin or 1=1 --\'' and password='' and status='1'

      The last query will always fail, even if magic quotes was turned off:

      select * from user_acount where login_id='admin or 1=1 --'' and password='' and status='1'

      Because -- comments within strings do not work, the query is interpreted like:

      select * from user_acount where login_id='STRING'' and password='' and status='1'

      As you can see, this will result in a syntax error after 'STRING'

    • 0