10-27-2007, 10:24 PM
La Vida es Sueño
I'd be tempted to construct my login SQL like so:
Code:
<?php
$szUsername = 'Wildhoney';
$szPassword = 'myHardToGuessPassword';
// Build the login query; the three %s placeholders are filled in by
// sprintf() in order: password first, then the username twice.
$szSQL = sprintf("SELECT
    @myPassword := MD5('%s'),
    IF(myUsername = '%s', myUsername, NULL) AS myUsername,
    IF(myPassword = @myPassword, myPassword, NULL) AS myPassword
FROM
    myTable
WHERE
    myUsername = '%s'
    AND
    myPassword = @myPassword",
    $szPassword,
    $szUsername,
    $szUsername);
Therefore if anyone does happen to manage to inject SQL into your query, it'll simply result in a MySQL error, and they won't actually get anywhere.
__________________
The man who comes back through the Door in the Wall will never be quite the same as the man who went out.
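The query in the post above interpolates the username and password straight into the SQL text with sprintf(), so a quote character in the input is still part of the statement rather than data; the user variable in the SELECT list also relies on an evaluation order MySQL does not guarantee. As an added example that is not from the post, the same login check with a PDO prepared statement and a salted password hash (the function name, connection details and the assumption that myPassword holds password_hash() output are hypothetical):

```php
<?php
// Added example, not the original poster's code. Assumes a MySQL table
// myTable(myUsername VARCHAR, myPassword VARCHAR(255)) where myPassword
// was stored with password_hash() at registration, not MD5().

function login(PDO $db, string $username, string $password): ?string
{
    // A placeholder sends the value separately from the SQL text, so a
    // quote or comment sequence inside $username cannot alter the query.
    $stmt = $db->prepare(
        'SELECT myUsername, myPassword FROM myTable WHERE myUsername = :u'
    );
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // password_verify() compares against a salted hash and is documented
    // as safe against timing attacks; an unsalted MD5 digest is neither.
    if ($row === false || !password_verify($password, $row['myPassword'])) {
        return null;
    }
    return $row['myUsername'];
}

// Hypothetical connection settings; ERRMODE_EXCEPTION surfaces SQL errors
// instead of silently returning false, and disabling emulated prepares
// makes the server itself parse the statement before values arrive.
$db = new PDO('mysql:host=localhost;dbname=app', 'appuser', 'dbpassword', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false,
]);

// The quote in this username is treated as data, not as SQL.
var_dump(login($db, "Wildhoney' OR '1'='1", 'anything'));
var_dump(login($db, 'Wildhoney', 'myHardToGuessPassword'));
```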