[SOLVED] Reversing Script to Preventing SQL Injection


Akenatehm

Hey Guys, I have this script that deletes records from the database and is set to prevent SQL Injection but I need to edit the insert record script to also prevent SQL Injection.

 

Here is the script:

 

$insert="INSERT INTO `users` (username,password,email) values('$username','$password','$email')";

 

Here is the Delete Script with MySQL Injection Prevention Already:

 

<?php
// Column names go in backticks (single quotes would make them string literals),
// and each escaped value must sit inside quotes, otherwise the escaping does nothing.
$delete = "DELETE FROM `users` WHERE `username` = '" . mysql_real_escape_string($username) . "' OR `email` = '" . mysql_real_escape_string($email) . "'";
?>

This also encrypts the password:

 

$insert=sprintf("INSERT INTO `users` (username,password,email) values('%s',PASSWORD('%s'),'%s')",
mysql_real_escape_string($username),
mysql_real_escape_string($password),
mysql_real_escape_string($email));

It is exactly the same, just without the PASSWORD() function, so it would look like this:

 

$insert=sprintf("INSERT INTO `users` (username,password,email) values('%s','%s','%s')",
mysql_real_escape_string($username),
mysql_real_escape_string($password),
mysql_real_escape_string($email));
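As an added example, not the poster's code and not taken from the thread, here is the same insert and delete written with mysqli prepared statements. The values are sent to the server separately from the SQL text, so there is no escaping step to forget and no quoting to get wrong; the mysql_* functions used above were removed in PHP 7. The connection details, the `users` table layout and the use of password_hash() in place of MySQL's PASSWORD() are assumptions.

```php
<?php
// Added example: parameterized INSERT/DELETE on the `users` table with mysqli.
// Connection parameters are placeholders; adjust for your environment.
$db = new mysqli('localhost', 'dbuser', 'dbpass', 'dbname');
if ($db->connect_error) {
    die('Connection failed: ' . $db->connect_error);
}
$db->set_charset('utf8mb4'); // both escaping and binding rely on the connection charset

/**
 * Insert a user. The SQL contains only placeholders; the values are bound
 * afterwards, so quotes or comment sequences in the input stay plain data.
 */
function insert_user(mysqli $db, string $username, string $password, string $email): bool
{
    // Assumption: store a password_hash() result instead of MySQL's PASSWORD(),
    // which was never intended for application passwords.
    $hash = password_hash($password, PASSWORD_DEFAULT);

    $stmt = $db->prepare('INSERT INTO `users` (username, password, email) VALUES (?, ?, ?)');
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param('sss', $username, $hash, $email); // 'sss' = three string parameters
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

/**
 * Delete by username or email. Same approach, so the quoting mistake that is
 * easy to make with string concatenation cannot occur here.
 */
function delete_user(mysqli $db, string $username, string $email): int
{
    $stmt = $db->prepare('DELETE FROM `users` WHERE `username` = ? OR `email` = ?');
    if ($stmt === false) {
        return 0;
    }
    $stmt->bind_param('ss', $username, $email);
    $stmt->execute();
    $deleted = $stmt->affected_rows;
    $stmt->close();
    return $deleted;
}

// Usage (in practice the inputs come from a form):
insert_user($db, "o'connor", 'secret', 'oc@example.com');
echo delete_user($db, "o'connor", 'nobody@example.com'), " row(s) deleted\n";
```

The apostrophe in "o'connor" is the kind of input that breaks a concatenated query when a value is left unquoted; with bind_param() it is simply compared as data. The type string passed to bind_param() plays the same role as the %s specifiers in sprintf(): one character per parameter, in order.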

They are type specifiers that say what type the argument data should be treated as.

 

%s means that it will treat whatever value goes there as a string. Since I used the sprintf function, those are REQUIRED and if removed it will not work properly.

 

As you can see, there are 3 %s and that means you need 3 additional parameters passed to sprintf, which I did with the three mysql_real_escape_string functions.

 

Here is the list of values other than %s:

 

    *  % - a literal percent character. No argument is required.

    * b - the argument is treated as an integer, and presented as a binary number.

    * c - the argument is treated as an integer, and presented as the character with that ASCII value.

    * d - the argument is treated as an integer, and presented as a (signed) decimal number.

    * e - the argument is treated as scientific notation (e.g. 1.2e+2). The precision specifier stands for the number of digits after the decimal point since PHP 5.2.1. In earlier versions, it was taken as number of significant digits (one less).

    * u - the argument is treated as an integer, and presented as an unsigned decimal number.

    * f - the argument is treated as a float, and presented as a floating-point number (locale aware).

    * F - the argument is treated as a float, and presented as a floating-point number (non-locale aware). Available since PHP 4.3.10 and PHP 5.0.3.

    * o - the argument is treated as an integer, and presented as an octal number.

    * s - the argument is treated as and presented as a string.

    * x - the argument is treated as an integer and presented as a hexadecimal number (with lowercase letters).

    * X - the argument is treated as an integer and presented as a hexadecimal number (with uppercase letters).
