
Concrete code examples for protecting a database in PHP

Jun 13, 2016 11:06 AM

Cases where poor database management led to data loss, and with it real losses for the owner, are no longer rare. This time we look at the script below, which shows a sample form that runs a SQL statement. In this example the SQL statement is a dynamic statement that permits the same attack. The owner of this form might believe it is safe because the column names have been restricted to a select list. But the code overlooks the last habit, the one about form spoofing: restricting the choices to a drop-down box does not mean someone else cannot post a form containing whatever content they want (including an asterisk [*]).

```php
<html>
<head>
<title>SQL Injection Example</title>
</head>
<body>
<form id="myForm" action="<?php echo $_SERVER['PHP_SELF']; ?>"
    method="post">
<div><input type="text" name="account_number"
    value="<?php echo(isset($_POST['account_number']) ?
        $_POST['account_number'] : ''); ?>" />
<!-- The drop-down only limits what the browser offers; the server still
     receives whatever value a posted request carries for "col". -->
<select name="col">
<option value="account_number">Account Number</option>
<option value="name">Name</option>
<option value="address">Address</option>
</select>
<input type="submit" value="Save" name="submit" /></div>
</form>
<?php
/* Deliberately vulnerable example: mysql_* functions (PHP 5 only, removed
   in PHP 7) and user input concatenated straight into the SQL text. */
if ($_POST['submit'] == 'Save') {
    /* do the form processing */
    $link = mysql_connect('hostname', 'user', 'password') or
        die ('Could not connect' . mysql_error());
    mysql_select_db('test', $link);

    /* Unchecked: any posted value, not just the three <option> values */
    $col = $_POST['col'];

    /* Dynamic SQL: both the column name and the account number come
       unfiltered from the request */
    $select = "SELECT " . $col . " FROM account_data WHERE account_number = "
        . $_POST['account_number'] . ";" ;
    echo '<p>' . $select . '</p>';

    $result = mysql_query($select) or die('<p>' . mysql_error() . '</p>');

    echo '<table>';
    while ($row = mysql_fetch_assoc($result)) {
        echo '<tr>';
        echo '<td>' . $row[$col] . '</td>';
        echo '</tr>';
    }
    echo '</table>';

    mysql_close($link);
}
?>
</body>
</html>
```
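The drop-down in the form above constrains nothing on the server side: a posted request can carry any value for `col`. The following is an added example, not code from the original article, showing how to enforce the column choice with a server-side allow-list so that, where dynamic column selection cannot be avoided, user text never reaches the SQL. `selectColumn()`, `buildAccountQuery()` and the sample requests are constructed for this illustration.

```php
<?php
// Added example (not from the original article): enforce the column choice
// on the server. The <select> only limits what the browser offers; a
// hand-crafted POST can send any value for "col", so the allow-list lives here.

/**
 * Return the requested column only if it is one of the allowed names,
 * otherwise null. The comparison is exact and case-sensitive, so "*",
 * "name, password" or "account_number FROM other_table" are all rejected.
 */
function selectColumn(array $post, array $allowedColumns)
{
    if (!isset($post['col']) || !is_string($post['col'])) {
        return null;
    }
    // strict in_array(): no type juggling between strings and integers
    return in_array($post['col'], $allowedColumns, true) ? $post['col'] : null;
}

/**
 * Build the SELECT only from vetted parts. The column name comes from the
 * allow-list and the account number is left to a bound parameter, so the
 * returned SQL contains a placeholder and no request data at all.
 */
function buildAccountQuery($column)
{
    if ($column === null) {
        return null;
    }
    // Backtick-quote the identifier so an allowed name that happens to be a
    // reserved word still works; user data never reaches this string.
    return 'SELECT `' . $column . '` FROM account_data WHERE account_number = ?';
}

// Constructed sample requests standing in for $_POST.
$allowed = array('account_number', 'name', 'address');
$samples = array(
    'normal drop-down choice' => array('col' => 'name'),
    'spoofed form: asterisk'  => array('col' => '*'),
    'spoofed form: two cols'  => array('col' => 'name, password'),
    'missing field'           => array(),
);

foreach ($samples as $label => $post) {
    $column = selectColumn($post, $allowed);
    $sql = buildAccountQuery($column);
    printf("%-26s => %s\n", $label, $sql === null ? 'rejected' : $sql);
}
```

Run it with `php allowlist.php`: only the first request yields a query; the spoofed and missing values are reported as rejected. The point is that the allow-list, not the markup, is the control, and the rejected cases are exactly the ones a logged validation failure should surface.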

So, to make protecting your database a habit in PHP, avoid dynamic SQL code wherever possible. If dynamic SQL cannot be avoided, do not use input directly for column names. The example below shows that, besides using static columns, you can add a simple validation routine to the account number field to make sure the input value is not non-numeric.

```php
<html>
<head>
<title>SQL Injection Example</title>
</head>
<body>
<!-- htmlspecialchars() added so the echoed values cannot be read as HTML -->
<form id="myForm" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>"
    method="post">
<div><input type="text" name="account_number"
    value="<?php echo(isset($_POST['account_number']) ?
        htmlspecialchars($_POST['account_number']) : ''); ?>" /> <input type="submit"
    value="Save" name="submit" /></div>
</form>
<?php
/* mysql_* functions are PHP 5 only (removed in PHP 7). */
function isValidAccountNumber($number)
{
    return is_numeric($number);
}
if (isset($_POST['submit']) && $_POST['submit'] == 'Save') {

    /* Remember habit #1--validate your data! */
    if (isset($_POST['account_number']) &&
        isValidAccountNumber($_POST['account_number'])) {

        /* do the form processing */
        $link = mysql_connect('hostname', 'user', 'password') or
            die ('Could not connect' . mysql_error());
        mysql_select_db('test', $link);

        /* Static column list: the request no longer chooses the columns.
           Note that %s is unquoted here, so it is the is_numeric() check
           above, not the escaping, that keeps non-numeric input out. */
        $select = sprintf("SELECT account_number, name, address " .
            " FROM account_data WHERE account_number = %s;",
            mysql_real_escape_string($_POST['account_number']));
        echo '<p>' . $select . '</p>';
        $result = mysql_query($select) or die('<p>' . mysql_error() . '</p>');

        echo '<table>';
        while ($row = mysql_fetch_assoc($result)) {
            echo '<tr>';
            echo '<td>' . $row['account_number'] . '</td>';
            echo '<td>' . $row['name'] . '</td>';
            echo '<td>' . $row['address'] . '</td>';
            echo '</tr>';
        }
        echo '</table>';

        mysql_close($link);
    } else {
        echo "<span style=\"color:red\">" .
            "Please supply a valid account number!</span>";
    }
}
?>
</body>
</html>
```

This database-protection example also shows the use of the mysql_real_escape_string() function. This function filters your input correctly so that it contains no invalid characters. If you have been relying on magic_quotes_gpc, be aware that it is deprecated and will be removed in PHP V6. Avoid it from now on and write your PHP application to be secure without it. Also, if you are using an ISP, there is a chance your ISP has not enabled magic_quotes_gpc.
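The hardened script above still depends on mysql_real_escape_string() and, since the `%s` is unquoted, really on the is_numeric() check. The added example below (not from the original article) does the same lookup with a PDO prepared statement, so the account number travels as a bound parameter and the SQL text never changes; it also tightens the validation, because is_numeric() accepts values such as "1e3" and leading whitespace. It runs against an in-memory SQLite table with constructed rows so it works offline; `fetchAccount()` and the sample inputs are this example's own, and the pdo_sqlite extension is assumed.

```php
<?php
// Added example (not from the original article): the same account lookup
// done with a PDO prepared statement, so the account number is sent to the
// database as a bound parameter instead of being escaped into the SQL text.
// Uses an in-memory SQLite database so it runs offline; swap the DSN for
// MySQL in real code. Requires the pdo_sqlite extension.

/**
 * Stricter than is_numeric(): only an unsigned string of decimal digits of
 * sensible length. is_numeric() also accepts "1e3", leading whitespace and
 * a sign, none of which are account numbers.
 */
function isValidAccountNumber($number)
{
    return is_string($number) && ctype_digit($number) && strlen($number) <= 12;
}

/**
 * Fetch account rows for one account number. Returns the rows, or null when
 * the input fails validation. The SQL text is constant; only the value is
 * bound, so the driver's quoting rules can never be bypassed.
 */
function fetchAccount(PDO $db, $accountNumber)
{
    if (!isValidAccountNumber($accountNumber)) {
        return null;
    }
    $stmt = $db->prepare(
        'SELECT account_number, name, address FROM account_data '
        . 'WHERE account_number = :acct'
    );
    $stmt->bindValue(':acct', (int) $accountNumber, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data, standing in for the article's "test" database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE account_data (account_number INTEGER PRIMARY KEY, name TEXT, address TEXT)');
$db->exec("INSERT INTO account_data VALUES (1001, 'Alice', '1 Main St'), (1002, 'Bob', '2 High St')");

// Constructed inputs: a real number, a classic injection attempt, two values
// that is_numeric() would have let through, and an empty field.
$inputs = array('1001', '1001 OR 1=1', '1e3', ' 1002', '');
foreach ($inputs as $input) {
    $rows = fetchAccount($db, $input);
    $label = str_pad(var_export($input, true), 16);
    if ($rows === null) {
        echo $label . " => rejected by validation\n";
        continue;
    }
    echo $label . ' => ' . count($rows) . " row(s)\n";
    foreach ($rows as $row) {
        echo '    ' . implode(' | ', $row) . "\n";
    }
}
```

Run it with `php lookup.php`: only `'1001'` returns a row; every other input is rejected before any SQL runs. Two design points: validation and binding are separate layers, so a bug in one does not expose the other, and the rejected inputs are the events worth logging when monitoring a form like this.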

Finally, in the improved example you can see that the SQL statement and the output no longer include the dynamic column option. With this approach, if columns holding different information are later added to the table, those columns can be output as well. If you use a framework to work with the database, your framework may already perform SQL validation for you. Be sure to consult its documentation to confirm the framework is secure; if you are still unsure, validate yourself to be safe. Even when a framework handles database interaction, other validation still needs to be done.

