Computer Security :: Lessons :: SQL Injection
SQL Injection
Databases are the most common target of attacks on web applications. Various versions of SQL (Structured Query Language) are used on the web, but MySQL is one of the most popular. A SQL injection targets a SQL database by exploiting some of the language's peculiarities. Steve Friedl's Unix Wiz website provides a number of good examples of SQL injections. Read through some of his examples to get an idea of how SQL injections work. You can also check out the video below to see a live demo of SQL injection.
The reason SQL injection works is the SQL server doesn't care where the commands it receives came from. SQL simply runs the commands it is given with no question. Sanitizing the input sent to SQL queries can help, but it can be nearly impossible to determine all the possible malicious input that could sneak through your sanitation attempts. The most secure way to prevent SQL injection is by using parameterized queries.
Parameterized Queries
Paramaterized queries are queries that use placeholders for parameters. The values for the placeholders are supplied at execution. This has a dual effect of preventing SQL injection since the input from the user is not treated as part of the SQL query and increased efficiency since the query can be stored and reused with multiple inputs. The video below provides a succinct example of using prepared statements to generate parameterized queries using PHP and MySQL.
Encryption with PHP
PHP has a number of useful functions you can use to encrypt/decrypt data. The video below goes through a few. Please note that you should NOT use SHA1 anymore as it is not considered secure.
