0

Possible Duplicate:
How to prevent SQL injection?

This is more of a philosophical point i'm trying to determine, out of curiosity.

I know that theoretically, any password or encryption is crackable.

But is it the same with SQL injection, where one just has to find the appropriate measures to deal with /bypass whatever security measures are implemented in the site? Or is injection something that can be definitively and with certainty defended against using a fixed set of security measures?

Im essentially wondering if it is possible to the input fields in my site unhackable through injection, or whether there will always be some vulnerability?

Community
  • 1
  • 1
user1787489
  • 937
  • 2
  • 8
  • 15
  • Theoretically, hashes can't be deterministically reversed because it's not a one-to-one mapping from keys to hashes. But you can often guess what the right key. – Waleed Khan Dec 08 '12 at 02:59
  • 2
    It really has nothing to do specifically with "input fields", that is just *one* possible attack vector. – Wesley Murch Dec 08 '12 at 02:59

3 Answers3

2

Being vulnerable to SQL injection is a bug. A well-built application will not contain such a bug, and no amount of effort will make such a bug appear.

1

SQL injection implies the data entered conforms to valid SQL (though typically injected in a creative way to produce undesired results).

To protect against it, you simply need to ensure that any user supplied data is encoded in a way that it cannot be misused.

As mentioned in a link above ( How can I prevent SQL injection in PHP? ), using prepared statements is a best practice to protect against SQL injection.

Community
  • 1
  • 1
iDurocher
  • 875
  • 9
  • 11
0

Sql injection is a technique used to hijack the security of website.

Sql injection occurs when data specified in input fields are not filtered for escape characters and passed into sql query for execution.

For testing sql injection please refer the following url. http://sqlzoo.net/hack/

In above url try specifying "'" in field for name and specify "OR 1=1 #" in field for password

So the resultant query will be

      SELECT * from user where name='' OR 1=1#' and password='';

In the above example you can notice that query is broken after specifying above data in input fields and any anonymous user can easily login into website.

There are several techniques to prevent sql injection.

(1) Input data must be filtered using mysql_real_escape_string while being passed into sql query for execution.

For more details about mysql_real_escape_string function please refer the documentation mentioned in below url. http://php.net/manual/en/function.mysql-real-escape-string.php

Rubin Porwal
  • 3,736
  • 1
  • 23
  • 26