[PHP] Share your Anti-SQL injection function.
Discussion on [PHP] Share your Anti-SQL injection function. within the SRO Private Server forum part of the Silkroad Online category.
11/26/2016, 11:48
|
#1
|
elite*gold: 0
Join Date: Jun 2012
Posts: 239
Received Thanks: 26
|
[PHP] Share your Anti-SQL injection function.
well the title says it all
i want to see how different people handle injection
*educational purposes
|
|
|
11/26/2016, 13:18
|
#2
|
elite*gold: 0
Join Date: Mar 2016
Posts: 9
Received Thanks: 2
|
|
|
|
11/26/2016, 13:46
|
#3
|
elite*gold: 0
Join Date: Jun 2012
Posts: 239
Received Thanks: 26
|
Quote:
Originally Posted by situsavais
|
i know how it works, i did my search, thank you.
i just wanted to see how others do it.
|
|
|
11/26/2016, 18:40
|
#4
|
elite*gold: 0
Join Date: May 2013
Posts: 23
Received Thanks: 2
|
Do you want clean db ?!
|
|
|
11/26/2016, 21:37
|
#5
|
elite*gold: 0
Join Date: Jun 2012
Posts: 239
Received Thanks: 26
|
Quote:
Originally Posted by BranzUK
Do you want clean db ?!
|
|
|
|
11/26/2016, 21:43
|
#6
|
elite*gold: 666
Join Date: Apr 2011
Posts: 5,810
Received Thanks: 2,418
|
Quote:
Originally Posted by B13.
i just wanted to see how others do it.
|
others do it by using PDO with prepared statements. that's about it
|
|
|
11/26/2016, 21:45
|
#7
|
elite*gold: 86
Join Date: Feb 2009
Posts: 370
Received Thanks: 84
|
I usually use the Laravel framework, so I don't have to think that much about that issue. Link here:
|
|
|
11/26/2016, 21:47
|
#8
|
elite*gold: 15
Join Date: Jul 2014
Posts: 1,614
Received Thanks: 1,375
|
"Share with me cause I have no idea how to do it".
|
|
|
11/26/2016, 22:04
|
#9
|
elite*gold: 0
Join Date: Jun 2012
Posts: 239
Received Thanks: 26
|
Quote:
Originally Posted by WickedNite.
"Share with me cause I have no idea how to do it".
|
i got a working function
compared them to uploaded websites i know how to do it
don't assume stuff from your head.
don't throw flames in the thread.
as i said
*educational purposes*
Quote:
Originally Posted by Syc
others do it by using PDO with prepared statements. that's about it
|
i think that is the most common way
then comes the string edits
Quote:
Originally Posted by Sycrog
I usually use the Laravel framework, so I don't have to think that much about that issue. Link here: 
|
doesn't it do the same thing ?
Quote:
|
Note: The Laravel query builder uses PDO parameter binding throughout to protect your application against SQL injection attacks. There is no need to clean strings being passed as bindings.
|
|
|
|
11/26/2016, 22:18
|
#10
|
elite*gold: 86
Join Date: Feb 2009
Posts: 370
Received Thanks: 84
|
Yes, I assumed that Laravel is using PDO to handle that, but the message was rather to use a proven framework instead of trying to build solutions again and again.
|
|
|
11/26/2016, 23:22
|
#11
|
elite*gold: 350
Join Date: Aug 2015
Posts: 1,999
Received Thanks: 1,188
|
use PDO Prepared statements if you don't want to learn a new framework :3
|
|
|
11/27/2016, 23:16
|
#12
|
elite*gold: 0
Join Date: Mar 2016
Posts: 9
Received Thanks: 2
|
Why recreate the wheel when there is something which does the work, and it's called "PDO".
Does Laravel ORM handle the sro db well? I mean for the relations etc. The architecture of the Joymax db isn't following some rules, so I doubt that an ORM can handle all this ****, nah?
|
|
|
11/28/2016, 17:56
|
#13
|
elite*gold: 0
Join Date: Apr 2009
Posts: 1,300
Received Thanks: 952
|
Quote:
Originally Posted by situsavais
Why recreate the wheel when there is something which does the work, and it's called "PDO".
Does Laravel ORM handle the sro db well? I mean for the relations etc. The architecture of the Joymax db isn't following some rules, so I doubt that an ORM can handle all this ****, nah?
|
Yes, you can perfectly use Laravel with sro db, I've done it before and the relationships work well. Laravel is very powerful, more than people think.
|
|
|
11/28/2016, 20:22
|
#14
|
elite*gold: 80
Join Date: Nov 2015
Posts: 172
Received Thanks: 89
|
PDO
|
|
|
12/08/2016, 20:15
|
#15
|
elite*gold: 0
Join Date: Feb 2008
Posts: 340
Received Thanks: 72
|
Very good post about PDO - 
LSS
Quote:
|
Prepared statements / parameterized queries are generally sufficient to prevent 1st order injection on that statement*. If you use un-checked dynamic sql anywhere else in your application you are still vulnerable to 2nd order injection.
|
This is why everyone fails, because he thinks it is 100% secure; there is no such thing yet.
|
|
|
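The distinction quoted in post #15, shown as an added example that is not code from any poster in this thread: a value stored safely through a PDO prepared statement becomes dangerous again when later code concatenates it into dynamic SQL, and binding it a second time closes that gap. The table names, sample values and the two helper functions are assumptions made for the illustration, and the script assumes the pdo_sqlite extension so it can run against an in-memory database.

```php
<?php
// Added example: constructed schema and data, in-memory SQLite so it runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec('CREATE TABLE items (owner TEXT, item TEXT)');
$pdo->exec("INSERT INTO items VALUES ('alice', 'sword'), ('bob', 'shield')");

// Step 1: a hostile name arrives and is stored through a prepared statement.
// The bound parameter keeps it inert here: it lands in the table as plain data.
$hostile = "nobody' OR '1'='1"; // constructed sample input
$ins = $pdo->prepare('INSERT INTO users (name) VALUES (:name)');
$ins->execute([':name' => $hostile]);

// Later, other code reads the value back and treats it as trusted
// because "it came from our own database".
$stored = $pdo->query('SELECT name FROM users WHERE id = 1')->fetchColumn();

// Step 2a (vulnerable, hypothetical helper): the stored value is concatenated
// into dynamic SQL, so its quote characters become part of the query text.
function itemsUnsafe(PDO $pdo, string $owner): array
{
    $sql = "SELECT item FROM items WHERE owner = '" . $owner . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Step 2b (hardened, hypothetical helper): the stored value is bound again,
// exactly like fresh user input, and only ever compared as a string.
function itemsSafe(PDO $pdo, string $owner): array
{
    $st = $pdo->prepare('SELECT item FROM items WHERE owner = :owner');
    $st->execute([':owner' => $owner]);
    return $st->fetchAll(PDO::FETCH_COLUMN);
}

// The unsafe path returns every row in items; the safe path returns none,
// because no owner is literally named "nobody' OR '1'='1".
echo 'unsafe: ', json_encode(itemsUnsafe($pdo, $stored)), PHP_EOL;
echo 'safe:   ', json_encode(itemsSafe($pdo, $stored)), PHP_EOL;
```

When auditing an existing site, the places to look are queries built by string concatenation from values read out of the database, not only from request parameters.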