Quote:
Originally Posted by Shin Noir
Are they using mysql_query()? If so, what's the problem again? Your "blahblahblah'; DROP ALL TABLES;--" example is two queries?
|
The problem is that it's still susceptible to injection. Although you can't just drop the database since it's running through PHP, you can still look for other pieces of data. I don't think it would be appropriate to provide a step-by-step tutorial on how to do this (there are plenty of them on the Internet already), but the idea is you can verify information from the database that you wouldn't normally have access to (mainly passwords and account names).