GangLife Posted June 10, 2014

I'm having trouble with a hacker lately and I can't seem to tell the difference between a hackable string and an unhackable string. I know I worded it wrongly but you should understand what I mean. Thanks
Dayo Posted June 10, 2014

Check to see if the query has any variables in it that can be inputted by the user, i.e. $_POST, $_GET, $_REQUEST etc ...
Dave Posted June 10, 2014

> I'm having trouble with a hacker lately and I can't seem to tell the difference between a hackable string and an unhackable string. I know I worded it wrongly but you should understand what I mean. Thanks

I know this doesn't really answer your question, but if you still live in the world of SQL injections it's probably about time you integrated something like PDO and bind your variables into your query. There's a great write-up on StackOverflow here: http://stackoverflow.com/a/60496
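The difference the two replies above describe, as an added example that is not code from any poster in this thread: the same lookup written once with the request value concatenated into the SQL text and once with it bound through PDO. The `users` table, the function names and the sample input are constructed for illustration, and an in-memory SQLite database is assumed so the script runs offline.

```php
<?php
// Constructed schema and data; in-memory SQLite so nothing external is needed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO users (name) VALUES ('alice'), ('O''Brien')");

// "Hackable" form: the request value is pasted into the SQL text, so the
// database parses it as part of the statement itself.
function findUserConcatenated(PDO $pdo, string $name): array
{
    $sql = "SELECT id, name FROM users WHERE name = '" . $name . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// "Unhackable" form: the SQL text is fixed; the value is sent separately as
// a bound parameter and is only ever treated as data.
function findUserBound(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT id, name FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Stand-in for $_GET['name']: a constructed, legitimate value with a quote in it.
$input = "O'Brien";

try {
    findUserConcatenated($pdo, $input);
    echo "concatenated: ran\n";
} catch (PDOException $e) {
    // The apostrophe closed the string literal early; the rest was read as SQL.
    echo "concatenated: input changed the query structure\n";
}

$rows = findUserBound($pdo, $input);
echo "bound: " . count($rows) . " row(s), name = " . $rows[0]['name'] . "\n";
```

When the driver is MySQL, PDO emulates prepared statements by default; setting `PDO::ATTR_EMULATE_PREPARES` to `false` makes the server do the binding.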
sniko Posted June 10, 2014

Also, consider he/she may be getting staff to do some actions without their consent or knowledge via CSRF or XSS attacks. See: https://www.owasp.org/index.php/Category:Attack
GangLife (Author) Posted June 10, 2014

Thanks Sniko, you're freaking right, I think it was css after checking my support request plugin. I still believe it got in by another method since I didn't receive any requests that day.
Script47 Posted June 11, 2014

> I know this doesn't really answer your question, but if you still live in the world of SQL injections it's probably about time you integrated something like PDO and bind your variables into your query. There's a great write-up on StackOverflow here: http://stackoverflow.com/a/60496

Shame on you for not promoting our Q&A site! :p There are some good answers on here too. MWG Q&A