Question
The PHP code handling the login looks roughly like this: $user = $_POST [ username ]); $hash = SHA1 ( $_POST [ password ]); $query
The PHP code handling the login looks roughly like this: $user = $_POST [ username ]); $hash = SHA1 ( $_POST [ password ]); $query = " SELECT ID , name FROM user WHERE ( name = $user OR email = $user ) AND pass = $hash "; $handle = mysql_query ( $query ); $results = msqyl_fetch_array ( $handle ); if ( found one record ) { allow the user to login } else { reject login }
Read about SQL injection countermeasure on the following web page: https: //secure.php.net/manual/en/mysqli.quickstart.multiple-statement.php 1) Based on the reading at the link above, briefly explain why we cannot carry out an UPDATE injection attack on the login code described above. 2) If the login code used a different function to interact with the database, it would be vulnerable - which function is that?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started