Hello,

I'm trying to build a demo of SQL Injection (SI) to discuss with my
students. The idea is to use the live demo to show and discuss how to
avoid SI using some secure code  techiques.

I'm using PHP 4.3.11 and MSSQL 80 on a windows XP box. 

Sometimes a multiline query is submitted to the server, something like this:
--------------------
use sales; select name from users; drop table xxx;
--------------------

Note the query above has in fact three queries, each one producing a
message but the function mssql_get_last_message() aparently doesn't
return all of them to the user.

Capturing the packets during the connection (e.g ethereal or tcpdump)
I can perfectly see all messages returning from the server, like this:
-----------
(1) Changed database context to 'sales'
(2) <result set here>
(3) Cannot drop the table 'xxx', because it does not exist in the
system catalog.
----------------

But only the first message is returned from PHP mssql_get_last_message().

Can anyone help me to explain this behavior ?

Thanks in advance.


Denio.

...................................................................
Denio Mariz
Teacher, CEFETPB
Researcher, GPRT/UFPE, Brazil

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to