Successful SQL Injection despite PHP Magic Quotes

Posted by Crimson on Stack Overflow See other posts from Stack Overflow or by Crimson
Published on 2010-04-29T08:21:44Z Indexed on 2010/04/29 8:27 UTC
Read the original article Hit count: 419

Filed under:
|

I have always read that Magic Quotes do not stop SQL Injections at all but I am not able to understand why not! As an example, let's say we have the following query:

SELECT * FROM tablename
  WHERE email='$x';

Now, if the user input makes $x=' OR 1=1 --, the query would be:

SELECT * FROM tablename
  WHERE email='\' OR 1=1 --';

The backslash will be added by Magic Quotes with no damage done whatsoever!

Is there a way that I am not seeing where the user can bypass the Magic Quote insertions here?

© Stack Overflow or respective owner

Related posts about mysql

Related posts about sql-injection