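<?php
// Database connection settings.
// Normally kept in a separate file that is include'd / require'd later.
define('NAME', "sqltest");
define('SERVER', "127.0.0.1");
define('USER', "root");
define('PWD', "");
?>
<!doctype html>
<html lang="es"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>
Test SQL injection
</title>
</head>
<body>
<h2>Formulario</h2>
<form name="login" action="index.php" method="POST" accept-charset="utf-8">
<ul>
<li><label for="username">username</label>
<input type="text" name="username" placeholder="your username" required></li>
<li><label for="password">Password</label>
<input type="text" name="password" placeholder="password" required></li>
<li>
<input type="submit" value="Login"></li>
</ul>
</form>
<h2>Datos POST</h2>
<?php
// Read the POST fields, defaulting to '' so a plain GET of the page raises no notice.
$username = isset($_POST['username']) ? (string) $_POST['username'] : '';
$password = isset($_POST['password']) ? (string) $_POST['password'] : '';
// Compare against '' explicitly: a username of "0" is a real value but is falsy.
if ($username !== '' && $password !== '') {
    // The submitted values are untrusted: escape them for the HTML context so
    // echoing them back cannot inject markup or script into this page.
    echo 'Usuario: ' . htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo '<br>Password: ' . htmlspecialchars($password, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
<h2>Datos seleccionados de la BD sin filtrar los datos de entrada</h2>
<?php
//******************************************************* METODO VULNERABLE **//
// Intentionally vulnerable demonstration: the query text is built by string
// interpolation of the raw POST values, so the input can alter the SQL.
// NOTE: the mysql_* extension was removed in PHP 7; this section only runs on PHP 5.
$connect = mysql_connect(SERVER, USER, PWD)
    or die("Error while connecting to database");
mysql_select_db(NAME, $connect)
    or die("Error while select database");
$sql = "select id, username, password from usuarios
    where username='$username' and password='$password'";
$result = mysql_query($sql, $connect)
    or die(mysql_error() . '<br>' . $sql); // on failure, show the error (demo only)
mysql_close($connect);
$matriz = array();
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
    $matriz[] = $row;
}
$result = null;
echo 'Filas: ' . count($matriz);
echo '<pre>';
print_r($matriz);
echo '</pre>';
$matriz = null;
?>
<h2>Datos seleccionados de la BD filtrando los datos de entrada</h2>
<?php
//*********************************************************** METODO SEGURO **//
// Explicit connection charset and real (non-emulated) server-side prepares, so
// the bound values are never spliced into the SQL text on the client side.
// ERRMODE_EXCEPTION makes a failed query throw instead of silently yielding 0 rows.
$pdo = new PDO(
    'mysql:host=' . SERVER . ';dbname=' . NAME . ';charset=utf8mb4',
    USER,
    PWD,
    array(
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    )
);
$statement = $pdo->prepare("select id, username, password from usuarios
    where username=? and password=?");
// Bind the inputs as parameters: the driver sends them separately from the query.
$statement->bindValue(1, $username, PDO::PARAM_STR);
$statement->bindValue(2, $password, PDO::PARAM_STR);
$statement->execute();
$result = $statement->fetchAll(PDO::FETCH_ASSOC);
$statement->closeCursor();
$pdo = null;
// Count the rows actually fetched here; the original counted $matriz, which had
// already been set to null in the previous section.
echo 'Filas: ' . count($result);
echo '<pre>';
print_r($result);
echo '</pre>';
}
?>
</body>
</html>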