MySQL Stored Procedure Programming by Steven Feuerstein, Guy Harrison

Stored Programs and Code Injection

SQL injection is the name given to a particular form of security attack in applications that rely on dynamic SQL. With dynamic SQL, the SQL statement is constructed, parsed, and executed at runtime. If that statement is pieced together from one or more fragments of SQL syntax, a malicious user could inject unintended and unwanted code for execution within the dynamic SQL framework.

For an example of code injection, consider the PHP code shown in Example 18-12. This code requests a department ID from the user (line 7) and then builds up a SQL statement to retrieve the names of all employees in that department (lines 24-35) by concatenating the submitted value directly into the SQL text.

See Chapter 13 for a detailed discussion of interfacing between PHP and MySQL.

Example 18-12. PHP code susceptible to SQL injection
1 <html>
2 <title>Employee Query</title>
3 <h1>Employee Query</h1>
4
5 <FORM ACTION="<?php echo $_SERVER['PHP_SELF']; ?>" METHOD=POST>
6 <p>Enter Department Id:
7 <input type="text" name="department" size="60">
8 <input type="submit" name="submit" value="submit"><p>
9 </form>
10
11 <?php
12 require_once "HTML/Table.php";
13
14
15 /*Check to see if user has hit submit*/
16 if (IsSet ($_POST['submit'])) {
17     $dbh = new mysqli($hostname, $username, $password, $database);
18
19     /* check connection */
20     if (mysqli_connect_errno( )) {
21         printf("Connect failed: %s\n", mysqli_connect_error( ));
22         exit ( );
23     }
24     $sql="SELECT employee_id,surname,firstname FROM employees".
25          " WHERE department_id =".$_POST['department'];
...
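The following is an added example, not code from the book or from Example 18-12, that contrasts the concatenation pattern of lines 24-25 with the safe form: the user's input is validated as an integer and then passed to the database as a bound parameter rather than spliced into the SQL text. It uses Python's sqlite3 module with an in-memory, constructed employees table as an offline stand-in for MySQL (an assumption; MySQL client libraries use the same parameter-binding idea with their own placeholder syntax).

```python
import sqlite3

# Constructed sample rows standing in for the book's employees table.
SAMPLE_EMPLOYEES = [
    (1, "Smith", "Alice", 10),
    (2, "Jones", "Bob", 10),
    (3, "Lee", "Carol", 20),
]


def connect_sample_db():
    """Build an in-memory database (sqlite3 as a stand-in for MySQL)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE employees ("
        " employee_id INTEGER, surname TEXT, firstname TEXT, department_id INTEGER)"
    )
    conn.executemany("INSERT INTO employees VALUES (?, ?, ?, ?)", SAMPLE_EMPLOYEES)
    return conn


def build_query_unsafe(department):
    """Mirror of the PHP concatenation in Example 18-12.

    Whatever text the user submitted becomes part of the SQL statement
    verbatim, so the shape of the statement is under the user's control.
    """
    return (
        "SELECT employee_id,surname,firstname FROM employees"
        " WHERE department_id =" + department
    )


def parse_department_id(raw):
    """Validate the input before it gets anywhere near SQL.

    A department ID is a non-negative integer; anything else is rejected
    with a ValueError instead of being forwarded to the database.
    """
    raw = raw.strip()
    if not raw.isdigit():
        raise ValueError(f"department id must be an integer, got {raw!r}")
    return int(raw)


def employees_in_department(conn, raw_department):
    """Safe version of the lookup: validated value, bound as a parameter.

    The SQL text is fixed at development time; the '?' placeholder is
    filled by the driver, which treats the value purely as data.
    """
    dept = parse_department_id(raw_department)
    cur = conn.execute(
        "SELECT employee_id, surname, firstname FROM employees"
        " WHERE department_id = ?",
        (dept,),
    )
    return cur.fetchall()


if __name__ == "__main__":
    db = connect_sample_db()
    print(employees_in_department(db, "10"))
    print(build_query_unsafe("10 abc"))
```

Two things to notice: the unsafe builder accepts the non-numeric input "10 abc" and embeds it as-is, whereas the safe path refuses it before any statement is prepared. Validation and parameter binding are complementary; binding alone already prevents the input from altering the statement's structure, and validation additionally gives the caller a clear error for malformed input.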