Article 65WK5 CodeSOD: D'Tables

CodeSOD: D'Tables

by
Remy Porter
from The Daily WTF on (#65WK5)

Wim works on a web app with a problem. Specifically, the error log is the fastest growing file on the system. Well, perhaps that's not the problem, but actually a symptom. Like so many applications, it's a PHP web app with a MySQL backend, and the previous developer made... choices.

$sqlisgt = "insert into ser_gen_tj values (4, '$type_juridiction', '$enr[23]', 'O')";

There's your SQL injection vulnerability. Just dump variable values directly into SQL statements, what could go wrong?

Well, one problem is that sometimes this application needed to handle names. Names, especially in French, frequently contain '. So this wouldn't work:

$sql = "INSERT INTO personne VALUES ('$matricule','$nom','$prenom','$tel',Null);";

A single quote in $nom would break the query, it'd become syntactically invalid. And that's why the log file was the fastest growing set of data in the system. But the developer responsible "fixed" this, don't you worry.

$sql = "INSERT INTO personne VALUES ('$matricule',\"$nom\",\"$prenom\",'$tel',Null);";

Thank goodness no one has a " in their name, I suppose. Still, Little Bobby Tables is going to have a field day with this application. Or should I say, Petit Robert D'Tables.

buildmaster-icon.png [Advertisement] Utilize BuildMaster to release your software with confidence, at the pace your business demands. Download today!
External Content
Source RSS or Atom Feed
Feed Location http://syndication.thedailywtf.com/TheDailyWtf
Feed Title The Daily WTF
Feed Link http://thedailywtf.com/
Reply 0 comments