###Possible security implications of accepting user queries
The following code receives a query string from the $_POST
variable then it queries the database. If there are results, it will json_encode()
those results and output that. If there are no results then nothing will happen, this is to hopefully give attackers as little information as possible.
The MySQL user account only has the SELECT
privilege and only on a database deemed to have no private information. The page will also not respond if the user has not authenticated and will track the queries that each user account submits.
Are there any other security holes that I'm missing?
if(isset($_POST) && isset($_POST['q'])) {
$mysqli = new mysqli($db_config['host'],$db_config['user'],$db_config['pass'],$db_config['name']);
if(!$mysqli->connect_error && $result = $mysqli->query($_GET['q'])) {
while($row = $result->fetch_assoc()) {
$rows[] = $row;
}
echo json_encode($rows);
}
}