Sql-injection error - sql-injection

I am trying to do SQL-injection attack on a local website on my localhost. I am trying to get all the products from product table using the wildcard ';-- but there seems to be some problem with the query. It's giving me this error
'Warning: mysqli_fetch_assoc() expects parameter 1 to be
mysqli_result, boolean given in C:\wamp64\www\tplus\products.php on
line 151'
Here is my PHP code
<?php
//$search_value = mysqli_real_escape_string($conn,$_GET['search']);
$search_value = $_GET['search'];
$result = mysqli_query($conn,"SELECT * FROM products where p_name LIKE '%".$search_value."%'");
while ($row = mysqli_fetch_assoc($result))
{
echo "<tr>";
echo "<td>";
echo $row['p_name'];
echo "</td>";
echo "<td>";
echo $row['p_price'];
echo "</td>";
echo "<td>";
echo $row['p_brand'];
echo "</td>";
echo "<td>";
echo $row['p_info'];
echo "</td>";
echo "</tr>";
}
?>

Try this
if (!$result) {
die(echo 'MySQL Error: ' . mysqli_error())
}

You need to check if
"SELECT * FROM products where p_name LIKE '%".$search_value."%'"
is a valid SQL statement.
The indication is that it is not - hence the error.
Perhaps output that string and check where the SQL statement is incorrect.

Related

pg_fetch_assoc returning 1 after values

I am beginner in PHP, i am working with session and pg functions. So i want to return user's first name and last name from database(basically user's details) and display it to different page using session. and it is returning using pg_fetch_assoc() but the problem is like it is showing 1 after every value like (firstname 1), (lastname 1). How can i fix it. is there any other way to return values from database and display it and also use these values as conditions.
Thanks
Below is my code:
$login = trim($_POST['login']);
$pass = trim($_POST['pass']);
$result = pg_execute($conn, "login_query", array($login, hash(HASH_ALGO, $pass)));
$records = pg_num_rows($result);
if($records == 1){
$_SESSION['user_id'] = $login;
$row = pg_fetch_assoc($result);
$_SESSION['first_name'] = $row['first_name'];
$_SESSION['last_name'] = $row['last_name'];
$_SESSION['last_access'] = $row['last_access'];
$_SESSION['user_type'] = $row['user_type'];
//$_SESSION['details'] = $row;
pg_execute($conn, "update_query", array($login));
/* $_SESSION['output'] = $output();*/
$_SESSION['output'] = "Welcome back " . pg_fetch_result($result,0,"first_name") . pg_fetch_result($result,0,"last_name").'</br>';
$_SESSION['output'] .= "Our records show that your </br>" . "email address is " . pg_fetch_result($result,0,"email_address") . "</br>";
$_SESSION['output'] .= "and you last accessed our system: " . pg_fetch_result($result,0,"last_access") . "</br>";
header('location: ./user-dashboard.php');
}
here is var_dump($row); value:
array(9) { ["user_id"]=> string(20) "jdoe " ["password"]=> string(32) "179ad45c6ce2cb97cf1029e212046e81" ["user_type"]=> string(2) "c " ["email_address"]=> string(256) "jdoe#gmail.com " ["first_name"]=> string(128) "John " ["last_name"]=> string(128) "Doe " ["birth_date"]=> string(10) "1998-02-05" ["enrol_date"]=> string(10) "2017-01-01" ["last_access"]=> string(10) "2017-10-18" }
database
pg_fetch_assoc returns values OK. you can see it in result of var_dump($row); - see the ["last_name"]=> string(128) "Doe " - it has extra space - yes, but not 1. So another bit of code adds 1 after $row["last_name"] value.
<h1 class="floating-box" ><?php echo print_r($_SESSION['first_name'],True); ?></h1>
<h1 class="floating-box" ><?php echo print_r($_SESSION['last_name']); ?></h1>
<h1 class="floating-box" ><?php echo print_r($_SESSION['last_access']); ?></h1>
Sorry, i forgot to add true in print_r() function. Thanks for your help. #Vao Tsun

Retrieve users/company information

On connecting to Quickbook within our app we are able to get access token and realmid but on trying to implement Get App Now we couldn't get any information after redirecting to our openid url. What I have tried so far is
define('OAUTH_CONSUMER_KEY', $consumerkey);
define('OAUTH_CONSUMER_SECRET', $consumersecret);
define('OAUTH_URL', 'https://oauth.intuit.com/');
define('APPCENTER_URL', 'https://appcenter.intuit.com/');
define('OAUTH_REQUEST_URL', OAUTH_URL . 'oauth/v1/get_request_token');
define('OAUTH_ACCESS_URL', OAUTH_URL . 'oauth/v1/get_access_token');
define('OAUTH_AUTHORISE_URL', APPCENTER_URL . 'Connect/Begin');
define('OAUTH_CURRENT_USER', APPCENTER_URL . 'api/v1/user/current');
try{
$oauth = new OAuth(OAUTH_CONSUMER_KEY,OAUTH_CONSUMER_SECRET,OAUTH_SIG_METHOD_HMACSHA1,OAUTH_AUTH_TYPE_URI);
$oauth->enableDebug();
$request_token = $oauth->getRequestToken(OAUTH_CURRENT_USER,CALLBACK_URL);
echo '<pre>';
print_r($_POST);
print_r($_GET);
print_r($_REQUEST);
print_r($_SESSION);
echo $request_token;
print_r($request_token);
echo '</pre>';
} catch(OAuthException $e) {
pr($e);
}
I can't get any valuable information on the above code, I maybe doing it wrong and expecting that there would be realmid and access token once the authorization is done and quickbooks redirect to our openid url. Any information would be appreciated.
Please note I really don't have knowledge about this as this is my first time using quickbooks api and related technologies.
Updated
<?php
require 'openid.php';
try {
# Change 'localhost' to your domain name.
$openid = new LightOpenID($_SERVER["HTTP_HOST"]);
if(!$openid->mode) {
if(isset($_GET['login'])) {
$openid->identity = 'https://openid.intuit.com/OpenId/Provider';//'https://www.google.com/accounts/o8/id';
$openid->required = array(
'contact/email',
'namePerson/first',
'namePerson/last'
);
header('Location: ' . $openid->authUrl());
}
?>
<form action="?login" method="post">
<button>Login with Google</button>
</form>
<?php
} elseif($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
echo 'User ' . ($openid->validate() ? $openid->identity . ' has ' : 'has not ') . 'logged in.';
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
When the form above gets submitted it results into No OpenID Server found at https://openid.intuit.com/OpenId/Provider

Is there something wrong with this Query? New to mysqli commands

Is there something wrong with this query in mysqli? I converted it from mysql, worked perfectly then but now it doesn't
mysqli_query($con,"SELECT * FROM signed_out_students WHERE date = '$date6' AND time_in = '' order by time_out DESC");
This is how it fits into the actual code. I know that there is entries in the databse with the date of today but its not showing them? D:
else if (out == $display) {
date_default_timezone_set('NZ');
$date6 = date('d.m.Y');
$result4 = mysqli_query($con,"SELECT * FROM signed_out_students WHERE date = '$date6' AND time_in = '' order by time_out DESC");
echo '<table border="0">';
echo '<tr>';
echo '<td width="70px"><h2>Date</h2>';
echo '</td>';
echo '<td width="150px"><h2>Name</h2>';
echo '</td>';
echo '<td width="90px"><h2>Form Class</h2>';
echo '</td>';
echo '<td width="70px"><h2>Time Out</h2>';
echo '</td>';
echo '<td width="70px"><h2>Time In</h2>';
echo '</td>';
while($row4 = mysqli_fetch_array($result4))
{
echo '<tr>';
echo '<td><p>' . $row4['date'];
echo '</td>';
echo '<td><p>' . $row4['name'];
echo '</td>';
echo '<td><p>' . $row4['form_class'];
echo '</td>';
echo '<td><p>' . $row4['time_out'];
echo '</td>';
echo '<td><p>' . $row4['time_in'];
if ($row['time_in'] == "") { echo '-';}
echo '</td>';
}
echo '</table>';
}
Thanks guys!
Is there something wrong with this query in mysqli?
Yes, a lot.
You aren't checking for errors
You aren't using placeholders
You're using mysqli, while PDO have to be used instead.
Start here: https://stackoverflow.com/tags/pdo/info
Also, as a side note, your date have to be in 'Y-m-d' format.
remove the single quotes from the variable in the Query :
mysqli_query($con,"SELECT * FROM signed_out_students WHERE date = $date6 AND time_in = '' order by time_out DESC");

PostgreSQL query works but not with php

I want to make a php query to a PostgreSQL database. I tested the query in the server and returns, but when I try it in php:
<?php
//Check the input
if (!isset($_POST['variable']))
echo "Address not selected";
$input = $_POST['variable'];
//$input = ucfirst(trim($_POST['variable']));
//echo $input;
$conn = pg_connect("host=localhost port=5432 dbname=geocoder user=postgres");
if (!$conn)
echo "Could not connect to server..";
$sql = "SELECT (addy).stateabbrev FROM geocode($input);";
$result = pg_query($conn, $sql);
if (!$result)
echo "Query did not executed..";
?>
I get that "Query did not executed..";
The string for the QUERY is taken from a html page using javascript.
In the error.log of Apache2 i get:
PHP Warning: pg_query(): Query failed: ERROR: syntax error at or near "Penn"\nLINE 1: SELECT (addy).stateabbrev FROM geocode(O
What can be the point here?
Sanitize the user supplied data:
$input = pg_escape_literal($conn, $input);
$sql = "SELECT (addy).stateabbrev FROM geocode($input);";
I managed to find the problem, which is the fact that $input variable from geocode() function, must be surrounded by single quotes:
geocode('$input')
:)

PHP - echo inside an echo

I have a PHP if/else statement. This is the code I'm trying to echo under an else condition.
<?php $locked = ForumData::is_topic_locked($post->topic_id);
if ($locked->topic_locked == 1) {echo '<td align="right"><font color="#FF0000">Topic Locked</font><td>';}
else {
echo '<td align="left"><img src="<?php echo SITE_URL?>/lib/skins/flyeuro/images/forums/t_reply.gif"/></td>'; }
?>
The bit I'm interested to echo is this.
<img src="<?php echo SITE_URL?>
If I try this... 'echo SITE_URL'
Parse error: syntax error, unexpected T_ECHO, expecting ',' or ';'
But this doesn't parse the image, and if I try parsing anything else, it's giving me parsing errors, which I can't fix?
How can I therefore produce an echo inside another echo?
why did you open a <?php tag again, you are already in echo line?
echo '<td align="left"><img src="'.SITE_URL.'/lib/skins/flyeuro/images/forums/t_reply.gif"/></td>';
and what is SITE_URL? Is that a variable, did you forget to put $?
echo prints out the string that you gave as parameter,
echo "foo";
As #hakre mentioned about it, . is used to concatenate strings.
$var = "foo"."bar"; //foobar
So you can use it in echo line,
$var = "foo"."bar"; //foobar
echo "foo "."bar ".$var // foo bar foobar
And It's not important weather variable defined as a string. It would be a constant variable.
define('SITE_URL', 'localhost:8080/phpvms');
echo "my website URL is ".SITE_URL; //my website URL is localhost:8080/phpvms
Remember:
<?php echo "View"; ?>
" and \
this!
Hope that's enough of a hint!#
Your problem is probably solved this way:
echo '<td align="left"><a href="',
url('Forum/create_new_post?topic_id=' . $post->topic_id . '&forum_id=' . $post->forum_id . '') ,
'"><img src="', SITE_URL,
#######################
'/lib/skins/flyeuro/images/forums/t_reply.gif"/></a></td>';
In PHP you can use constants quite like variables, e.g. to output them. You don't need to stack echoes inside each other or something.