Good morning, everyone,
I’m new to security against SQL injection. I always learned only to validate the inputs and then use them in the query, always with mysqli_query and mysqli_fetch_array.
I have the following code to check whether the login is correct or not (it works without problems). Can you tell me if this avoids SQL injection? If not, what action should I take? Thank you for your time and help.
    if (isset($_POST['login'])) {
        $link = $_SERVER['HTTP_REFERER'];   // page the form was submitted from
        $base_url = strtok($link, '?');     // get the base url
        $parsed_url = parse_url($link);     // parse it
        $query = isset($parsed_url['query']) ? $parsed_url['query'] : null;
        if (!isset($query)) {
            $redireciona = $link;
        } else {
            // strip a trailing "?failed"/"&failed" marker from the referer, if there is one;
            // without the strpos() check a query string that lacks "failed" would lose its last character
            $pos = strpos($link, 'failed');
            $redireciona = ($pos === false) ? $link : substr($link, 0, $pos - 1);
        }
        $user = trim($_POST['sp_uname']);
        $pass = trim($_POST['sp_pass']);

        // the user name is bound as a parameter, so it is sent separately from the SQL text
        $stmt = $ligadb->prepare("SELECT id_user, u_user, u_nome, u_password, u_perfil FROM users WHERE u_user=? LIMIT 1");
        $stmt->bind_param('s', $user);
        $stmt->execute();
        $stmt->store_result();
        $stmt->bind_result($user_id, $user, $nome, $password, $perfil);
        if ($stmt->num_rows == 1 && $stmt->fetch()) { // exactly one matching row, now fetched
            if (password_verify($_POST['sp_pass'], $password)) {
                $_SESSION['user']   = $user;
                $_SESSION['perfil'] = $perfil;
                $_SESSION['id']     = $user_id;
                $_SESSION['nome']   = $nome;
                $stmt->close();
                // redirect only on success; exit so nothing below runs and no second Location header overrides this one
                header('Location: ' . $redireciona);
                exit;
            }
        }
        $stmt->close();
        // login failed (unknown user or wrong password): send the user back with a "failed" marker
        if (!isset($query) || $query === 'failed') {
            header('Location: ' . $redireciona . '?failed');
        } elseif (strpos($link, 'failed') !== false) {
            header('Location: ' . $link);
        } else {
            header('Location: ' . $link . '&failed');
        }
        exit;
    }
    $ligadb->close();
This can help, it is an excellent answer: https://answall.com/questions/3864/como-prevenir-inje%C3%A7%C3%A3o-de-c%C3%B3digo-sql-no-meu-c%C3%B3digo-php
– Miguel
Thanks Miguel, since I already use prepared statements in the excerpt above I wanted to know if it is enough. The problem is that I have already researched and read so much that I get confused with the multiple paths/solutions; I wonder if this is the right way and if there is something to add to improve it.
– leugim
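As an added example (not code from the question or from the comments above), the following shows the point the thread turns on: with a prepared statement the SQL text is fixed at prepare() time and the user name travels separately as data, whereas string concatenation makes the input part of the SQL text, which a name containing an apostrophe already breaks. It assumes a mysqli connection $ligadb with exception reporting, the users table and columns from the question, a mysqlnd build (for get_result()), and two placeholder redirect targets (/index.php and /login.php) that are not on the page.

```php
<?php
// Added example, not the question's code. Assumes $ligadb is an open mysqli
// connection to a database with the `users` table from the question.
session_start();

// Make mysqli throw on errors instead of silently returning false, so a failed
// prepare()/execute() cannot be mistaken for "no such user".
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// What string concatenation produces: the input becomes part of the SQL text.
// Shown only to illustrate why the prepared statement in the question is the right call.
function concatenated_sql_text(string $user): string
{
    return "SELECT id_user FROM users WHERE u_user='" . $user . "' LIMIT 1";
}

// Look up one user by name with a bound parameter. The SQL text is fixed at
// prepare() time; $user is sent separately and cannot change the query's shape.
function find_user(mysqli $db, string $user): ?array
{
    $stmt = $db->prepare(
        'SELECT id_user, u_user, u_nome, u_password, u_perfil FROM users WHERE u_user = ? LIMIT 1'
    );
    $stmt->bind_param('s', $user);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();   // needs mysqlnd; null when no row matches
    $stmt->close();
    return $row ?: null;
}

// Check the password against the stored password_hash() value. Returns the
// session fields on success and null on failure; the caller decides the redirect.
function authenticate(mysqli $db, string $user, string $pass): ?array
{
    $row = find_user($db, $user);
    if ($row === null || !password_verify($pass, $row['u_password'])) {
        return null;
    }
    if (password_needs_rehash($row['u_password'], PASSWORD_DEFAULT)) {
        // Upgrade older hashes transparently; the new hash is also a bound parameter.
        $new = password_hash($pass, PASSWORD_DEFAULT);
        $id  = $row['id_user'];
        $upd = $db->prepare('UPDATE users SET u_password = ? WHERE id_user = ?');
        $upd->bind_param('si', $new, $id);
        $upd->execute();
        $upd->close();
    }
    return [
        'id'     => $row['id_user'],
        'user'   => $row['u_user'],
        'nome'   => $row['u_nome'],
        'perfil' => $row['u_perfil'],
    ];
}

// A legitimate name with an apostrophe (constructed input): the concatenated
// text closes the quoted literal early and is no longer valid SQL, while
// find_user() simply looks the name up as data.
$name = "o'brien";
echo concatenated_sql_text($name), PHP_EOL;

$result = authenticate($ligadb, trim($_POST['sp_uname'] ?? $name), $_POST['sp_pass'] ?? '');
if ($result !== null) {
    session_regenerate_id(true);           // fresh session id once the user is authenticated
    $_SESSION = array_merge($_SESSION, $result);
    header('Location: /index.php');        // assumed landing page
    exit;
}
header('Location: /login.php?failed');     // assumed login page
exit;
```

Two things this adds to the question's excerpt: mysqli is put in exception mode so a broken statement surfaces as an error rather than as a silent "wrong password", and each header('Location: ...') is followed by exit so no later code or second redirect header runs. The prepared statement itself is the same technique the question already uses, and it is the part that prevents SQL injection; the other changes are about correctness of the login flow, not about injection.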