> On Mar 22, 2020, at 7:14 PM, Craig Francis <cr...@craigfrancis.co.uk> wrote:
> 
> On Sun, 22 Mar 2020 at 19:11, Mike Schinkel <m...@newclarity.net> wrote:
>> [...] hash out potential solutions on the list rather than propose a 
>> specific one in advance.
> 
> As to your idea of a "safe" MySQL class, fortunately mysqli already stops 
> multiple queries, so a SELECT cannot have an UPDATE/DELETE/TRUNCATE appended 
> on to the end, but it can still do things like UNION another SELECT query, so 
> the original query returns nothing, then the attacker's query gets appended, 
> potentially allowing them to extract everything from the database.

To follow up, a "safe" MySQL class *could* disallow UNION then, no?

In addition, it could possibly have flags for every type of query and require 
you to set on only the aspects you need.  Unions, Updates, Deletes, Truncates, 
Joins, Where, etc. much like firewalls start with all ports closed.

Just spitballing, anyway.

-Mike 
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
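
Added example, not part of the thread and not PHP or mysqli code: Python's sqlite3 stands in for mysqli (an assumption; like the mysqli behaviour described above, its execute() accepts one statement per call) to show a stacked statement being refused, a UNION passing through string concatenation, a bound parameter neutralising it, and a deny-by-default allow-list built on SQLite's authorizer hook as one engine-level reading of the "flags" idea. Table names, rows and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; sqlite3 stands in for MySQL/mysqli (assumption).
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products (id INTEGER, name TEXT);
        CREATE TABLE users (login TEXT, pw_hash TEXT);
        INSERT INTO products VALUES (1, 'kettle'), (2, 'toaster');
        INSERT INTO users VALUES ('admin', 'constructed-hash');
    """)
    return db

def find_concat(db, name):
    # Vulnerable on purpose: the value becomes part of the SQL text.
    sql = "SELECT id, name FROM products WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def find_bound(db, name):
    # The value is bound separately and is never parsed as SQL.
    return db.execute("SELECT id, name FROM products WHERE name = ?", (name,)).fetchall()

def allow_only_products(db):
    # Deny by default; permit SELECT statements that read `products` only.
    def authorizer(action, arg1, arg2, dbname, source):
        if action == sqlite3.SQLITE_SELECT:
            return sqlite3.SQLITE_OK
        if action == sqlite3.SQLITE_READ and arg1 == "products":
            return sqlite3.SQLITE_OK
        return sqlite3.SQLITE_DENY
    db.set_authorizer(authorizer)

STACKED = "x'; DELETE FROM products; --"                # second statement appended
UNION = "x' UNION SELECT login, pw_hash FROM users --"  # still one statement

def raises_db_error(fn, *args):
    try:
        fn(*args)
    except (sqlite3.Warning, sqlite3.Error):  # exception class varies by Python version
        return True
    return False

if __name__ == "__main__":
    db = make_db()
    print("stacked rejected:", raises_db_error(find_concat, db, STACKED))
    print("concat + UNION:  ", find_concat(db, UNION))
    print("bound + UNION:   ", find_bound(db, UNION))
    guarded = make_db()
    allow_only_products(guarded)
    print("UNION denied by allow-list:", raises_db_error(find_concat, guarded, UNION))
```

The allow-list narrows what an injected UNION can reach but does not remove the injection: a UNION back into `products` would still be authorized.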