Home >Backend Development >PHP Tutorial >php.ini magic_quotes_gpc configuration anti-injection method (1/5)_PHP tutorial
php tutorial.ini magic_quotes_gpc configuration anti-injection method
1. The magic_quotes_gpc option in the php configuration file php.ini is not turned on and is set to off
2. The developer did not check and escape the data type
But in fact, the second point is the most important. I think that checking the data type entered by the user and submitting the correct data type to the mysql tutorial should be the most basic quality of a web programmer. But in reality, many novice web developers often forget this, leaving the backdoor wide open.
Why is the second point the most important? Because without the second guarantee, the magic_quotes_gpc option, whether it is on or off, may cause SQL injection attacks. Let’s take a look at the technical implementation:
1. Injection attack when magic_quotes_gpc = off
Magic_quotes_gpc = off is a very unsafe option in php. The new version of php has changed the default value to on. But there are still quite a few servers with the option off. After all, no matter how antique the server is, there are still people using it.
When magic_quotes_gpc = on, it will automatically add all '(single quotation marks), "(double numbers), (backslashes), and whitespace characters in the submitted variables in front. The following is the official version of PHP Description:
Copy the code The code is as follows:
magic_quotes_gpc boolean
sets the magic_quotes state for gpc (get/post/cookie) operations. when magic_quotes are on, all ' (single-quote), " (double quote), (backslash) and nul's are escaped with a backslash automatically
If there is no escape, that is, in the off case, it will give attackers an opportunity to take advantage. Take the following test script as an example:
Copy the code. The code is as follows:
if ( isset($_post["f_login"] ) )
{
// Tutorial on connecting to database...
//...The code is abbreviated...// Check if the user exists
$t_struname = $_post["f_uname"];
$t_strpwd = $_post["f_pwd"];
$t_strsql = "select * from tbl_users where username='$t_struname' and password = '$t_strpwd' limit 0,1";if ( $t_hres = mysql_query($t_strsql) )
{
// Processing after successful query. Briefly...
}
}
?>sample test
1 2 3 4 5