0

I have a php code where i try to update the whois data on SQL. I was able to add the whois raw response to MySQL table. The problem arise when I try to update it. My code looks like this:

//function 
function whois($site)
    {
    
     $domain = $site;
    
     $servers = array(
      ".com" => "whois.internic.net",
    
     );
    
     if (!isset($servers[$ext])) {
       return false;
     }
    
     $nic_server = $servers[$ext];
    
     $output = '';
    
     // connect to whois server:
     if ($conn = fsockopen($nic_server, 43)) {
      fwrite($conn, $domain."\r\n");
      while (!feof($conn)) {
       $output .= fgets($conn, 128);
      }
      fclose($conn);
     } else {
       return false;
     }
     return $output;
    }
    $site ="example.com";
    $whoisinfo = whois($site);

    //updating data
    $conn->query("UPDATE tablename SET whois='$whoisinfo' WHERE site='$site'");

But the data is not updated on the SQL. But I can see that other data can be updated. but not the whois data. Can anyone tell me the reason?

depo
  • 3
  • 2
  • Have you checked your error logs? You're making an assumption the query is working. You should [never use `die()`](https://stackoverflow.com/a/15320411/1011527) and use `mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);` with your database connection code to throw errors for all of your queries when they occur. – Jay Blanchard Sep 01 '20 at 13:09
  • [Little Bobby](http://bobby-tables.com/) says ***[your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)***. Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! – Jay Blanchard Sep 01 '20 at 13:09

1 Answers1

0

Now I have solved the problem by adding one more line just above the SQL command.

$whoisinfo = htmlentities(trim($whoisinfo), ENT_QUOTES, 'UTF-8', false);

Even when inserting I tried to do this. And it works well.

depo
  • 3
  • 2