Hi,
I was going through my site stats and found some SQL injections have been passed through my site’s querystring.
This was the querystring passed on one of the pages. (Note: For security reasons I have replaced my original table and column names in the code below.)
[CODE]?action=show&id=-5 union select 1,2,3,concat_ws(0x3a3a,xuser,xpass),5,6,7,8,9,10,11,12,13 from mytbl_login--[/CODE]
I have taken care of the SQL Injection attacks and hence am using the following function in my code everywhere to bypass any SQL injections.
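[CODE]
function antisql($data){
    // Undo magic-quotes slashes first so the value is not escaped twice.
    // get_magic_quotes_gpc() has to be called as a function.
    if(get_magic_quotes_gpc()){
        $data1 = stripslashes($data);
    }else{
        $data1 = $data;
    }
    // Escapes quote and control characters for use inside a quoted SQL string.
    return mysql_real_escape_string($data1);
}
[/CODE]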
I am not posting this thread to know what SQL Injection is. I know what it is.
A few things I want to know are:
[B]1) How did they know my column names (xuser and xpass) and table name (mytbl_login)?[/B]
[B]2) Why didn’t the antisql() function prevent that SQL injection attack?[/B]
[B]3) What is the above querystring actually doing?[/B]
[I]Some Info:[/I]
My site is made in PHP MySQL and running on CentOS.
Thank you so much for your help in advance.
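
An added illustration for question 2, not part of the original post and not the poster's code: the logged id value contains none of the characters that mysql_real_escape_string() escapes, so an escaped value placed in an unquoted numeric position reaches the query unchanged, while an integer check rejects it. Assumptions: `escape_like_mysql()` is a stand-in that escapes the same character set without a database connection, and `mytbl_items`, the query shape and the positive-id rule are hypothetical.

```php
<?php
// Added example. Function names, mytbl_items and the query shape are
// hypothetical; xuser, xpass and mytbl_login are the post's placeholders.

// Stand-in for mysql_real_escape_string(): escapes the same characters
// (NUL, \n, \r, \, ', ", Ctrl-Z) without needing a database connection.
function escape_like_mysql(string $s): string {
    return strtr($s, [
        "\0" => '\\0', "\n" => '\\n', "\r" => '\\r', '\\' => '\\\\',
        "'"  => "\\'", '"'  => '\\"', "\x1a" => '\\Z',
    ]);
}

// Assumed weak pattern: the escaped value goes into an unquoted numeric slot.
function build_query_unquoted(string $id): string {
    return 'SELECT * FROM mytbl_items WHERE id = ' . escape_like_mysql($id);
}

// Hardened input handling: accept only a positive integer, otherwise null.
// (Assumes ids are positive; adjust min_range if that does not hold.)
function validate_id(string $id): ?int {
    $v = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $v === false ? null : $v;
}

// Constructed input: the id value taken from the querystring in the post.
$logged = '-5 union select 1,2,3,concat_ws(0x3a3a,xuser,xpass),'
        . '5,6,7,8,9,10,11,12,13 from mytbl_login--';

// Escaping changes nothing: the value has no quotes, backslashes or
// control characters (0x3a3a is a hex literal, so no quoted string is needed).
var_dump(escape_like_mysql($logged) === $logged);

// The concatenated query therefore still carries the whole UNION clause.
echo build_query_unquoted($logged), "\n";

// The integer check rejects the logged value and accepts a plain id.
var_dump(validate_id($logged));
var_dump(validate_id('42'));
```

Once validated, the integer can be passed as a bound parameter of a prepared statement (PDO or mysqli) instead of being concatenated into the SQL text.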