Hello. I would like to learn how to protect against SQL injection. As you know, the best protection comes from understanding how SQL injection works. I have code written in PHP, and I used PDO for greater security. I have read many articles related to SQL injection attacks, but few articles are on PDO, so it can be understood that PDO is more secure. I have code that at times prevented my attacks. In a nutshell, in the future I would like to become a security expert. Anyway, maybe you know what attack methods there are on PDO? Below I will give you code that, as I said before, is relatively resistant to attacks. Thanks in advance for your help.
index.php
<!DOCTYPE html>
<html>
<body>
<form action="login.php" method="post">
<input type="text" name="name" placeholder="Your name">
<input type="text" name="email" placeholder="Your email">
<input type="submit" name="sent" id="ref" value="Send">
</form>
</body>
</html>
login.php
<?php
session_start();
$dbname = 'test';
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
try
{
    if((!isset($_POST['name'])) || (!isset($_POST['email'])))
    {
        header("Location: index.php");
        exit();
    }
    $PDO = new PDO('mysql:host='.$dbhost.';dbname='.$dbname,$dbuser,$dbpass);
    $userow = $PDO->prepare('SELECT * FROM `users` WHERE `user`="'.$_POST['name'].'" ');
    $userow->execute();
    $count = $userow->rowCount();
    if($count>0)
    {
        $row = $userow->fetch(PDO::FETCH_ASSOC);
        if($_POST['email'] === $row['pass'])
        {
            $_SESSION['logged'] = true;
            $_SESSION['nick'] = $row['user'];
            $_SESSION['pass'] = $row['pass'];
            header("Location: logged.php");
        }
        else
        {
            echo "Wrong login or password!";
        }
    }
    else
    {
        echo "Wrong login or password!";
    }
}
catch(PDOException $error)
{
    die('Error!:'.$error->getMessage());
}
?>
logged.php
<?php
session_start();
if (!isset($_SESSION['logged']))
{
    header("Location: index.php");
    exit();
}
?>
<!DOCTYPE html>
<html>
<body>
<a href="logout.php">Logout!</a>
<?php
$dbname = 'test';
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
try
{
    $PDO = new PDO('mysql:host='.$dbhost.';dbname='.$dbname,$dbuser,$dbpass);
    $userow = $PDO->prepare('SELECT * FROM `users` WHERE `user`="'.$_SESSION['nick'].'" ');
    $userow->execute();
    $row = $userow->fetch(PDO::FETCH_ASSOC);
    echo $row['user'];
}
catch(PDOException $error)
{
    die('Error!'.$error->getMessage());
}
?>
</body>
</html>
What I have tried:
Basic SQL injection:
- Add an apostrophe to the login textbox
- Add an apostrophe to the password textbox OR 1=2
etc.
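
An added example, not part of the original post: the concatenated `prepare()` call from login.php beside a bound-parameter version, showing that `prepare()` only protects values passed as parameters. Assumptions: an in-memory SQLite table stands in for the MySQL `users` table so it runs offline, the stored password is a `password_hash()` hash rather than the plaintext the post compares, and the function names `build_concatenated_sql` and `check_login` are hypothetical.

```php
<?php
// Added example (not the poster's code). A constructed in-memory SQLite
// table stands in for the MySQL `users` table so the script runs offline.
$pdo = new PDO('sqlite::memory:', null, null, [
    // Explicit for PHP < 8, where the default error mode was silent and
    // a catch (PDOException) block never saw query failures.
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);
$pdo->exec('CREATE TABLE users (user TEXT PRIMARY KEY, pass TEXT NOT NULL)');
$seed = $pdo->prepare('INSERT INTO users (user, pass) VALUES (:user, :pass)');
$seed->execute([
    ':user' => 'alice',                                           // constructed sample user
    ':pass' => password_hash('correct horse', PASSWORD_DEFAULT),  // assumption: hashed storage
]);

// Pattern used in the posted login.php: the value is spliced into the SQL
// text before prepare() sees it, so there is no parameter left to protect.
function build_concatenated_sql(string $name): string
{
    return 'SELECT * FROM users WHERE user="' . $name . '"';
}

// Hardened form: the SQL text is constant and the value travels separately,
// so the database never parses the input as part of the statement.
function check_login(PDO $pdo, string $name, string $password): bool
{
    $stmt = $pdo->prepare('SELECT user, pass FROM users WHERE user = :name');
    $stmt->execute([':name' => $name]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // password_verify() checks the submitted password against the stored hash.
    return $row !== false && password_verify($password, $row['pass']);
}

// Constructed inputs: a normal name and one containing a double quote.
foreach (['alice', 'al"ice'] as $name) {
    echo "input: $name\n";
    // The quote changes the structure of the concatenated statement text.
    echo '  concatenated SQL text: ', build_concatenated_sql($name), "\n";
    // With a bound parameter the same input is only ever compared as data.
    echo '  bound-parameter login: ',
        var_export(check_login($pdo, $name, 'correct horse'), true), "\n";
}
```

Against MySQL only the DSN and credentials change; setting `PDO::ATTR_EMULATE_PREPARES` to `false` there makes the driver use native server-side prepared statements instead of client-side emulation.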