codeigniter admin login hacked although I have used all security matters

Posted by artmania on Stack Overflow See other posts from Stack Overflow or by artmania
Published on 2010-05-04T06:25:23Z Indexed on 2010/05/04 6:28 UTC
Read the original article Hit count: 269

Filed under:

codeigniter

|

sql-injection

|

hacking

|

admin

hi friends,

how come have the code before hacked with SQL Injection :(

$query = $this->db->query("SELECT * FROM users WHERE username = ? AND password = ?", array(mysql_real_escape_string($this->input->post('username')), mysql_real_escape_string(MD5($this->input->post('password')))));

appreciate helps!!

© Stack Overflow or respective owner

Related posts about codeigniter

CodeIgniter's index.php

as seen on Server Fault - Search for 'Server Fault'
Hi, Following CodeIngiter's installation instructions, I extracted CodeIgniter into XAMPP's htdocs folder and placed its index.php at the root. When I navigated to the following url h t t p://127.0.0.1/index.php I got the following error messages: Warning: require_once(C:\xampp\htdocs/system/codeigniter/CodeIgniter… >>> More
How to test controllers with CodeIgniter PART 2?

as seen on Stack Overflow - Search for 'Stack Overflow'
I am having difficulties testing Controllers in Codeigniter: I use Toast but when I invoke my Home Controller class I get an exception that "db" is not defined. Has anybody an idea how to test this 1-1? Thanks class Home_tests extends Toast { function __construct() { parent::__construct(__FILE__); //… >>> More
How can I pad an image with CodeIgniter?

as seen on Stack Overflow - Search for 'Stack Overflow'
My user is uploading an image of any size XX x YY. I want to find the larger dimension and shrink the image to a square of 250x250 with transparent padding being added to make up the difference. Is there any way to accomplish this with CI's Image Lib? >>> More
Getting Uploadify to work with Codeigniter ?

as seen on Stack Overflow - Search for 'Stack Overflow'
Has anyone been able to get uploadify to work with codeigniter? Everything I try it will not upload. >>> More
On learning CodeIgniter

as seen on Stack Overflow - Search for 'Stack Overflow'
I made a PHP-function which returns an array and then I move its value to a variable $a. How can I output it to a web page on CodeIgniter? >>> More

Related posts about sql-injection

Is this query vulnerable to sql injection?

as seen on Stack Overflow - Search for 'Stack Overflow'
$myq = sprintf("select user from table where user='%s'", $_POST["user"]); I would like to know if the above query can be exploited using SQL injection. Is there any advanced SQL injection technique that could break sprintf for this particular query? >>> More
10 Ways to Prevent or Mitigate SQL Injection Attacks

as seen on Internet.com - Search for 'Internet.com'
SQL injection attacks could allow hackers to compromise your network, access and destroy your data, and take control of your machines. >>> More
10 Ways to Prevent or Mitigate SQL Injection Attacks

as seen on Internet.com - Search for 'Internet.com'
SQL injection attacks could allow hackers to compromise your network, access and destroy your data, and take control of your machines. >>> More
Database Activity Monitoring Part 2 - SQL Injection Attacks

as seen on SQL Server Central - Search for 'SQL Server Central'
If you think through the web sites you visit on a daily basis the chances are that you will need to login to verify who you are. In most cases your username would be stored in a relational database along with all the other registered users on that web site. Hopefully your password will be encrypted… >>> More
SQL Server SQL Injection from start to end

as seen on SQL Team - Search for 'SQL Team'
SQL injection is a method by which a hacker gains access to the database server by injecting specially formatted data through the user interface input fields. In the last few years we have witnessed a huge increase in the number of reported SQL injection attacks, many of which caused a great deal… >>> More