MySQL Stored Procedure Programming

by Guy Harrison, Steven Feuerstein
March 2006
Content level: Intermediate to advanced
640 pages
17h 8m
English
O'Reilly Media, Inc.
Content preview from MySQL Stored Procedure Programming

Stored Programs and Code Injection

SQL injection is the name given to a particular form of security attack in applications that rely on dynamic SQL. With dynamic SQL, the SQL statement is constructed, parsed, and executed at runtime. If that statement is pieced together from one or more fragments of SQL syntax, a malicious user could inject unintended and unwanted code for execution within the dynamic SQL framework.

For an example of code injection, consider the PHP code shown in Example 18-12. This code requests a department ID from the user (line 7) and then builds up a SQL statement to retrieve the names of all employees in that department (lines 24-35) by concatenating the submitted value directly into the SQL text.

See Chapter 13 for a detailed discussion of interfacing between PHP and MySQL.

Example 18-12. PHP code susceptible to SQL injection

 1 <html>
 2 <title>Employee Query</title>
 3 <h1>Employee Query</h1>
 4
 5 <FORM ACTION="<?php echo $_SERVER['PHP_SELF']; ?>" METHOD=POST>
 6 <p>Enter Department Id:
 7 <input type="text" name="department" size="60">
 8 <input type="submit" name="submit" value="submit"><p>
 9 </form>
10
11 <?php
12 require_once "HTML/Table.php";
13
14
15 /* Check to see if user has hit submit */
16 if (isset($_POST['submit'])) {
17     $dbh = new mysqli($hostname, $username, $password, $database);
18
19     /* check connection */
20     if (mysqli_connect_errno()) {
21         printf("Connect failed: %s\n", mysqli_connect_error());
22         exit();
23     }
24     $sql = "SELECT employee_id,surname,firstname FROM employees".
25            " WHERE department_id =".$_POST['department'];
...
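The defect in Example 18-12 is that the submitted department value is spliced into the SQL text, so whatever the user types is parsed as SQL. The following is an added example, not code from the book, showing the same employee lookup written so that the input is validated as an integer and then passed to MySQL as a bound parameter of a prepared statement; the SQL text itself never changes. It assumes the same connection variables ($hostname, $username, $password, $database) and the same employees table as the original example, and it reads the result with bind_result() so it does not depend on the mysqlnd driver.

```php
<?php
// Added example (not from the book): hardened version of the department lookup.
// Assumed, as in Example 18-12: $hostname, $username, $password, $database are
// defined, and the employees table has employee_id, surname, firstname,
// department_id columns.

function fetch_employees_by_department(mysqli $dbh, string $raw_department): array
{
    // Validate first: department_id is an integer key, so anything that is not
    // a positive integer is rejected before it reaches the database at all.
    $department = filter_var(
        $raw_department,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($department === false) {
        throw new InvalidArgumentException('department must be a positive integer');
    }

    // Parameterize: the statement text is a fixed string with a placeholder.
    // The value is sent separately and is bound as data, never parsed as SQL.
    $sql = 'SELECT employee_id, surname, firstname FROM employees'
         . ' WHERE department_id = ?';
    $stmt = $dbh->prepare($sql);
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $dbh->error);
    }
    $stmt->bind_param('i', $department);   // 'i' = integer parameter
    if (!$stmt->execute()) {
        $err = $stmt->error;
        $stmt->close();
        throw new RuntimeException('execute failed: ' . $err);
    }

    // Read rows into an array; bind_result() works without mysqlnd.
    $rows = [];
    $stmt->bind_result($employee_id, $surname, $firstname);
    while ($stmt->fetch()) {
        $rows[] = [
            'employee_id' => $employee_id,
            'surname'     => $surname,
            'firstname'   => $firstname,
        ];
    }
    $stmt->close();
    return $rows;
}

// Same request handling as the original form, using the safe function above.
if (isset($_POST['submit'])) {
    $dbh = new mysqli($hostname, $username, $password, $database);
    if ($dbh->connect_errno) {
        printf("Connect failed: %s\n", $dbh->connect_error);
        exit();
    }
    try {
        $rows = fetch_employees_by_department($dbh, $_POST['department'] ?? '');
        foreach ($rows as $row) {
            // Escape on output as well, so stored names cannot inject HTML.
            printf(
                "%d %s %s<br>\n",
                $row['employee_id'],
                htmlspecialchars($row['surname'], ENT_QUOTES, 'UTF-8'),
                htmlspecialchars($row['firstname'], ENT_QUOTES, 'UTF-8')
            );
        }
    } catch (InvalidArgumentException $e) {
        echo 'Invalid department id';
    }
    $dbh->close();
}
```

The two changes are independent and both are worth keeping: the integer check gives an early, explicit rejection of malformed input, while the prepared statement is what actually removes the injection path, because the database receives the query structure and the data as separate things and the value can never alter the WHERE clause. The same pattern applies inside MySQL stored programs that build dynamic SQL with PREPARE: pass user-supplied values through EXECUTE ... USING rather than concatenating them into the statement string.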


ISBN: 0596100892