Hi PHP Database gurus, Mostly a research question. I recall (a long time ago - php3?) that some php packages could be compromised by injecting a secondary query though GET/POST variables when they were not properly sanitized. ex: $query="select a from $b"; mysql_query($query); Inject $b="tablename; insert into a set col='c'" Even the current PHP manual includes a fairly recent comment warning of such attacks, though the manual clearly states that only one query can be issued and a semicolon should not be included. My testing confirms that the second query isn't executed. Some web research leads me to believe this was changed, though I cannot find when. I'm pretty certain it was there at one point, since I found a vulnerability like this in an application I was auditing for security. Anyone recall or know if this change occurred in a specific PHP version? Is it reasonable to assume it will not be added back in? Thanks, James Harrell http://www.copernicusllc.com http://celestia.cbstech.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
