Sunday, 1 February 2015

How to perform SQL injection with real_escape_string filter in place?

Can someone give me an example of a MySQL injection payload that will bypass the real_escape_string() sanitize filter in regard to the PHP example below?

function sanitizeStrXSS51($var)
{
    global $connection;
    // Escapes quote and backslash characters for use inside a quoted SQL string literal
    return $connection->real_escape_string($var);
}

// Note: $user is interpolated directly here and below; in the snippet as posted it does not go through the filter
$result = queryMysql("SELECT * FROM profiles WHERE user='$user'");

if (isset($_POST['text']))
{
    $text = sanitizeStrXSS51($_POST['text']);

    if ($result->num_rows)
        queryMysql("UPDATE profiles SET text='$text' where user='$user'");
    else
        queryMysql("INSERT INTO profiles VALUES('$user', '$text')");
}
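Escaping only protects values that sit inside quoted string literals and only when the connection charset is set explicitly with set_charset(); binding values as parameters removes the question entirely. The following is an added example, not the asker's code, showing the same profile upsert with mysqli prepared statements; it assumes a mysqli connection in $connection, the current user name in $user, and that the profiles table has the columns user and text implied by the UPDATE above.

```php
<?php
// Added example (not the asker's code): the profile upsert from the question,
// rewritten so user input is bound as a parameter and never becomes SQL text.
// Assumes: $connection is a mysqli object, $user is the current user name,
// and profiles has the columns (user, text) implied by the question's UPDATE.

function saveProfileText(mysqli $connection, string $user, string $text): bool
{
    // Set the connection charset explicitly so client and server agree on
    // how bytes are interpreted; escaping-based defences depend on this too.
    $connection->set_charset('utf8mb4');

    // Parameterised lookup: $user is bound, not interpolated into the query.
    $stmt = $connection->prepare('SELECT 1 FROM profiles WHERE user = ?');
    $stmt->bind_param('s', $user);
    $stmt->execute();
    $stmt->store_result();
    $exists = $stmt->num_rows > 0;
    $stmt->close();

    if ($exists) {
        $stmt = $connection->prepare('UPDATE profiles SET text = ? WHERE user = ?');
        $stmt->bind_param('ss', $text, $user);
    } else {
        $stmt = $connection->prepare('INSERT INTO profiles (user, text) VALUES (?, ?)');
        $stmt->bind_param('ss', $user, $text);
    }
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

if (isset($_POST['text'])) {
    // The raw POST value is passed through: no real_escape_string() call is
    // needed, because the value is sent separately from the SQL statement.
    saveProfileText($connection, $user, $_POST['text']);
}
```

The same approach applies to the lookup of $user, which in the posted snippet is interpolated without any escaping at all.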