A little tutorial to Resolve Bug SQL Injection in the form of admin login.
Previously I was telling how where a hacker who looks for loopholes through the Bypass Admin, which it uses code '=' 'or', maybe this code is often used by hackers who look for loopholes by way of bypass Admin. If a from login Admin which entered the following code will go to the dashboard or go to the admin page, then it is said Bug Admin SQL Injek. Because only use the following code without entering the original username.
Well now I will give you a little tutorial to prevent Bypass Admin, maybe my simple way below will provide little benefit for you and the Website is there to prevent malicious hackers.
Well, Previously you first check your scriptchek_login.php, for example like my script below that I will practice it.
This in MyScrip login.php
Once you see my script, it turns out the Script Bug here. because it does not have to inject preventive function.
Of the script has not filtered the process of retrieving data from SQL inputted from the admin login, the use of filtering this so as not to ask a strange character, so as not to be processed. of the script has not filtered the process of retrieving data from SQL inputted from the admin login, the use of filtering this so as not to ask a strange character, so as not to be processed.
Create a function, here I use a function with the name 'injectpreventer':
Scrip
After we add the function will become script like below.
that's a very simple code to prevent Bug in Admin login process, the code is very simple to stay useful to overcome the hackers to get into our web, so thank you may be useful.
Posted on Utopian.io - Rewarding Open Source Contributors