Jump to content

SQL Injection Help!


benji87

Recommended Posts

Hi all.

 

Just started on a new project which is based on a users only login interface. Last week i posted it on these forums for help on css on the login page. Then today i continue work on it and try to login and turns out my users table has been emptied!! Now the only reason i can think of for this happening is someone has done a sql injection attack on me  :-[ and they must be a member or atleast a visitor of these forums because it is the only place i have posted the url and there is no way they could find it through a search engine!

 

Now all i want to know is how do i go about from stopping this from happening in the future as this is a big project and i cant afford to have a serious sercurity lapse like this!

 

Can anyone help?

Link to comment
https://forums.phpfreaks.com/topic/48595-sql-injection-help/
Share on other sites

http://www.webmaster-talk.com/php-forum/58129-sql-injection-problem-php-mysql-websites.html#post271952

 

This explains it quite well.

 

There are spiders that look for SQL attacks. It's quite easy for the spider to insert ' and " and -- into forms on your site, then look for a 500 server error page returned. Then save the URL for some one to hack later.

 

monk.e.boy

Link to comment
https://forums.phpfreaks.com/topic/48595-sql-injection-help/#findComment-237956
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.