By: Fiebert  09-12-2011

We have all heard the stories: an 18-year-old child prodigy builds an incredible online system only to be bankrupted by some bad apple through a string of SQL injection attacks. Well, maybe not that dramatic, but the thought of someone gaining complete access to your database because of one small oversight is frightening to say the least.

How do SQL injections work? Let me give you an example. You have a script that looks up a row in your database with a query built something like this: SELECT * FROM creditcard_data WHERE mycard='".$_REQUEST['mycardnumber']."'. The goal is to display my information to me and to nobody else in the world. If the text box is submitted with the value 1234' OR '1234'='1234 and the quote character is not escaped, we end up running the following query: SELECT * FROM creditcard_data WHERE mycard='1234' OR '1234'='1234'. The second condition is true for every row, so the query returns every single credit card number in the table. A similar attack works equally well on an INSERT, DELETE or UPDATE query, where the injected text can change or wipe out data rather than just read it.

Now the question is, how do we prevent this? PHP has two built-in functions, addslashes() and stripslashes(), but you must add slashes to every incoming variable and strip them from every outgoing value. Obnoxious, no? Have no fear: I have two functions that take care of the "you forgetting" factor as well as the all-important cleaner-code factor. At the top of every page, include the line $_REQUEST = do_slashes($_REQUEST); (do_slashes() returns the escaped copy, so assign it back), and run undo_slashes($value) over any array you pull from the database before displaying it. Two caveats before you rely on this. First, addslashes() only knows the backslash escaping that MySQL uses; it escapes ', ", \ and NUL and nothing else, so it does nothing for numbers that are used unquoted, and it is the wrong escaping for databases such as SQLite and PostgreSQL, which quote a single quote by doubling it. The safer fix is to stop pasting values into SQL strings at all and use prepared statements with bound parameters (mysqli or PDO), which keep the data out of the SQL parser entirely; failing that, use the driver's own escaping function, mysql_real_escape_string() or PDO::quote(), which knows the connection's character set. Second, when a value is escaped correctly before the query runs, the database stores the original text without the backslashes, so stripslashes() on the way out is only needed when the input has been escaped twice (for example by magic_quotes_gpc and then do_slashes()).

Below are my functions, enjoy!

function do_slashes($array)
{
    // Escape every value in the array; recurse into nested arrays
    // (for example $_REQUEST['options'][]) so no value is missed.
    foreach ($array as $i => $value) {
        $array[$i] = is_array($value) ? do_slashes($value) : addslashes($value);
    }
    return $array;
}

function undo_slashes($value)
{
    // Strip the slashes again; array_map() recurses for nested arrays.
    // As a standalone function the callback is just its name; the
    // array($this, 'undo_slashes') form is only valid inside a class.
    $value = is_array($value) ?
        array_map('undo_slashes', $value) :
        stripslashes($value);
    return $value;
}
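To see both halves of the article in working code, here is an added example (not from the original post) that runs the lookup described above against an in-memory SQLite database through PDO: first built by string concatenation as in the article, then with the value passed through addslashes(), and finally as a prepared statement. The creditcard_data table, its three made-up rows, and the helper names buildDb(), lookupUnsafe(), lookupAddslashes() and lookupPrepared() are all assumptions of this example.

```php
<?php
// Added example, not the original post's code. Uses PDO with an in-memory
// SQLite database so it runs anywhere PHP has the pdo_sqlite extension.
// The table contents below are made up for the demonstration.

function buildDb()
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE creditcard_data (mycard TEXT, owner TEXT)');
    $db->exec("INSERT INTO creditcard_data VALUES ('1234', 'alice')");
    $db->exec("INSERT INTO creditcard_data VALUES ('5678', 'bob')");
    $db->exec("INSERT INTO creditcard_data VALUES ('9012', 'carol')");
    return $db;
}

// Vulnerable: the request value is pasted straight into the SQL text,
// exactly like the query in the article.
function lookupUnsafe(PDO $db, $input)
{
    $sql = "SELECT owner FROM creditcard_data WHERE mycard='" . $input . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Escaped with addslashes(): this blocks the attack on MySQL, which reads
// \' as a literal quote, but SQLite gives the backslash no special meaning,
// so the string still ends at the attacker's quote and the OR is still
// parsed as SQL. Escaping has to match the database you actually talk to.
function lookupAddslashes(PDO $db, $input)
{
    $sql = "SELECT owner FROM creditcard_data WHERE mycard='" . addslashes($input) . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened: the value is bound as a parameter. The SQL text is fixed before
// the data arrives, so nothing in $input can change the query's structure.
function lookupPrepared(PDO $db, $input)
{
    $stmt = $db->prepare('SELECT owner FROM creditcard_data WHERE mycard = :card');
    $stmt->execute(array(':card' => $input));
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = buildDb();
$payload = "1234' OR '1234'='1234";   // the input from the article

print_r(lookupUnsafe($db, '1234'));       // a legitimate lookup
print_r(lookupUnsafe($db, $payload));     // the same query with the attacker's input
print_r(lookupAddslashes($db, $payload)); // the attacker's input after addslashes()
print_r(lookupPrepared($db, $payload));   // the attacker's input bound as a parameter
```

Run it from the command line with php. The legitimate lookup prints only alice; the concatenated query with the payload prints all three owners; the addslashes() version also prints all three on SQLite, because the backslash is not an escape character there; the prepared statement prints an empty array, because no row's card number is the literal string 1234' OR '1234'='1234. Swap the DSN for a MySQL connection and the addslashes() call would stop this particular payload, which is exactly the kind of backend-dependent behaviour prepared statements let you stop thinking about.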

The information in this article was current at 06 Dec 2011
