abemaca Posted March 27, 2010 Share Posted March 27, 2010 hi all , sorry if this is posted in the wrong section , im a phpfreak noob running a site i like to read into the hacking side to things to keep myself and my site on its toes so to speak. i notice that to find if a site has mysql vulnerability you would simply place a ' after the url and look for error. My question is that if i add the ' to my site it shows as being vulnerable . how could i stop this giving an error back ??? Link to comment https://forums.phpfreaks.com/topic/196685-site-mysql-vulnerability-avoiding-it/ Share on other sites More sharing options...
fenway Posted March 27, 2010 Share Posted March 27, 2010 Read about sanitizing mysql input. Link to comment https://forums.phpfreaks.com/topic/196685-site-mysql-vulnerability-avoiding-it/#findComment-1032836 Share on other sites More sharing options...
abemaca Posted March 30, 2010 Author Share Posted March 30, 2010 ok i've read about sanitizing and im closer to my goal (secure mysql) but it didnt directly help me solve the issue i posted about. The above is regarding inputs and data queries were as im after something alot more simpler , as this can be used before you even enter data , IE: http://mysiteurl.com is where they go ... if they add a ' like so .... http://mysiteurl.com/' then it reads the ' character. how can i avoid this ??? Link to comment https://forums.phpfreaks.com/topic/196685-site-mysql-vulnerability-avoiding-it/#findComment-1033989 Share on other sites More sharing options...
fenway Posted April 3, 2010 Share Posted April 3, 2010 That issue has nothing to do with mysql... that's your web server's problem. Link to comment https://forums.phpfreaks.com/topic/196685-site-mysql-vulnerability-avoiding-it/#findComment-1036434 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.