Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SQL injection #6

Open
marcel2012 opened this issue Jul 15, 2017 · 1 comment
Open

SQL injection #6

marcel2012 opened this issue Jul 15, 2017 · 1 comment

Comments

@marcel2012
Copy link

Please always use mysqli_real_escape_string when you use data from $_GET.

Problem in files:

  • TwitterApp/TwitterServer/login.php
  • TwitterApp/TwitterServer/Register.php
  • TwitterApp/TwitterServer/TweetAdd.php
  • TwitterApp/TwitterServer/UserFollowing.php
  • TwitterApp/TwitterServer/TweetList.php
  • TwitterApp/TwitterServer/IsFollowing.php
  • PHP Webservice/phpAndroid/login.php
  • PHP Webservice/phpAndroid/add.php
  • PHP Webservice/phpAndroid/tracking.php
@segg21
Copy link

segg21 commented Jul 21, 2017

Hey, I recommend using https://github.com/LegitSoulja/SlickInject

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants