Copy Link
Add to Bookmark
Report

Echo Magazine Issue 07 Phile 0x012

eZine's profile picture
Published in 
Echo Magazine
 · 4 years ago

  


____________________ ___ ___ ________
\_ _____/\_ ___ \ / | \\_____ \
| __)_ / \ \// ~ \/ | \
| \\ \___\ Y / | \
/_______ / \______ /\___|_ /\_______ /
\/ \/ \/ \/


.OR.ID
ECHO-ZINE RELEASE
07

Author: Inue_99 Csrg || inue_99@yahoo.com ||http://widya.cjb.net/~inue_99
Online @ www.echo.or.id :: http://ezine.echo.or.id

== Proteksi Web PHP mysql Dari SQL Injection ==


Beberapa saat yang lalu, kita mengetahui bahwa web kpu dapat di kerjai dengan
menggunakan bugs sql injection. Menyedihkan memang, web pemerintah dapat di kerjai
dengan menggunakan bugs yang bisa di bilang sudah basi. Apakah karena kesengajaan
Tim IT KPU atau hanya sekedar kelalaiyan saja, kita pun tidak tau. Tapi yang jelas
kita harus mencegah jangan sampai web kita bisa dikerjain dengan menggunakan Bugs
Sql injejction.
Untuk mencegah web php kita dikerjai dengan menggunakan sql injection kita
dapat menggunakan beberapa fungsi mysql untuk memfiter karakter2 yang sekiranya dapat
menyababkan web kita dapat di injejksi.
Sebagian besar sql injection dilakukan dengan menyisipkan tanda petik (" ' ")
untuk menginjectsi. Jadi hal yang harus dilakukan untuk mencegah sql injecsi adalah
dengan cara mengakali tanda kutip agar menjadi string.


Fungsi yang dapat mencegah sql injection :

1.mysql_escape_string
Contoh : <?php
$string = "The Injec'tion ";
$filter = mysql_escape_string($item);
printf("Hasil Filter : %s\n", $Filter);
?>
Fungsi mysql_escape_string merubah "The Injec'tion" menjadi "The Injec\'tion"


2. mysql_real_escape_string
Contoh : <?php
$kon = mysql_connect('localhost', 'mysql_user', 'mysql_password');
if (!$kon) {
die('Gak Konek: ' . mysql_error());
}
$string = "The Injec'tion's";
$filter = mysql_real_escape_string($string, $kon);
printf("Hasil Filter: %s\n", $filter);
?>
Fungsi mysql_real_escape_string merubah "The Injec'tion's" menjadi "The Injec\'tion\'s"

Sebenerya masih banyak fungsi2 lain yang dapat mencagah sql injetion, lebih jelasnya
dateng aja ke http://www.php.net

REFERENSI a.k.a bacaan :
.....PHP Manual .. http://www.php.net



*greetz to:
All Csrg Crew (Achmed, gie, Wanda, SaM, Ruel, etc);

kirimkan kritik && saran ke inue_99@yahoo.com

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

guest's profile picture
@guest
12 Nov 2024
It is very remarkable that the period of Atlantis’s destruction, which occurred due to earthquakes and cataclysms, coincides with what is co ...

guest's profile picture
@guest
12 Nov 2024
Plato learned the legend through his older cousin named Critias, who, in turn, had acquired information about the mythical lost continent fr ...

guest's profile picture
@guest
10 Nov 2024
الاسم : جابر حسين الناصح - السن :٤٢سنه - الموقف من التجنيد : ادي الخدمه - خبره عشرين سنه منهم عشر سنوات في كبرى الشركات بالسعوديه وعشر سنوات ...

lostcivilizations's profile picture
Lost Civilizations (@lostcivilizations)
6 Nov 2024
Thank you! I've corrected the date in the article. However, some websites list January 1980 as the date of death.

guest's profile picture
@guest
5 Nov 2024
Crespi died i april 1982, not january 1980.

guest's profile picture
@guest
4 Nov 2024
In 1955, the explorer Thor Heyerdahl managed to erect a Moai in eighteen days, with the help of twelve natives and using only logs and stone ...

guest's profile picture
@guest
4 Nov 2024
For what unknown reason did our distant ancestors dot much of the surface of the then-known lands with those large stones? Why are such cons ...

guest's profile picture
@guest
4 Nov 2024
The real pyramid mania exploded in 1830. A certain John Taylor, who had never visited them but relied on some measurements made by Colonel H ...

guest's profile picture
@guest
4 Nov 2024
Even with all the modern technologies available to us, structures like the Great Pyramid of Cheops could only be built today with immense di ...

lostcivilizations's profile picture
Lost Civilizations (@lostcivilizations)
2 Nov 2024
In Sardinia, there is a legend known as the Legend of Tirrenide. Thousands of years ago, there was a continent called Tirrenide. It was a l ...
Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT