RE: [PHP] Possible query problem

2003-10-28 Thread Pablo Gosse
On Tuesday, October 28, 2003 8:50 AM Frank Tudor wrote:

 $query=SELECT payment FROM payment WHERE
dln='.$_POST[dln].' = payment.dln='.$_POST[dln].' and
users.password='.$_POST[password].';

Okay, there seem to be a few problems here.

The first issue is:

users.password

Using this means you are referencing a table which you've identified as
users, however there is no such table in your query.  If the password
field is part of the payment table, then you would reference it as
payment.password.

However if the password field is part of a users table, then you need to
perform a join here, as you will be attempting to get the data from two
tables.

The second issue is here:

WHERE dln='.$_POST[dln].' = payment.dln='.$_POST[dln]

You're first comparing dln to $_POST['dln'], and then to payment.dln and
then to $_POST['dln'] again.

What fields is it you're trying to compare?  Each where clause in SQL
must be joined with an and, or, like, etc.

So perhaps you were trying for something like this:

WHERE dln = '.$_POST[dln].' and payment.dln = '.$_POST[dln]

However, if this were the case you're essentially asking the same thing
twice.

So, based on your query, I suspect you're trying for something like
this:

$query = 'select payment from payment where dln = \''.$_POST['dln'].'\'
and password = \''.$_POST['password'].'\'';

However, this again assumes that the password and dln fields are in the
same table.  If they're in separate tables then you'll need to perform a
join.

Hope this helps.

Cheers,
Pablo

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



RE: [PHP] Possible query problem

2003-10-28 Thread Jay Blanchard
[snip]
$query=SELECT payment FROM payment WHERE
dln='.$_POST[dln].' = payment.dln='.$_POST[dln].' and
users.password='.$_POST[password].';
[/snip]

Breaking the above apart ...
$query=
SELECT payment 
FROM payment 
WHERE dln='.$_POST[dln].' 
= payment.dln='.$_POST[dln].'
and users.password='.$_POST[password].';

It appears that you have one too many  dln='.$_POST[dln].'




Re: [PHP] Possible query problem

2003-10-28 Thread Chris Shiflett
I didn't look into your problem, but I want to mention one thing that stands
out to me.

--- Frank Tudor wrote:
 $query=SELECT payment FROM payment WHERE
 dln='.$_POST[dln].' = payment.dln='.$_POST[dln].' and
 users.password='.$_POST[password].';

Never, ever build an SQL query using data directly from the client. You place
yourself at the mercy of every user of your site and their creative potential.
This code constitutes a security vulnerability.

Filter all data, assign it to another variable (so you know it has been
filtered), and then build your query using the filtered data:

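$clean = array();
$clean['dln'] = '';
// "Looks like a valid value" is assumed here to mean alphanumeric only.
if (isset($_POST['dln']) && is_string($_POST['dln']) && ctype_alnum($_POST['dln']))
{
 $clean['dln'] = $_POST['dln'];
}

// Rest of the query elided, as in the original message.
$sql = "... {$clean['dln']} ...";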

Something similar to that anyway.

Hope that helps.

Chris

=
My Blog
 http://shiflett.org/
HTTP Developer's Handbook
 http://httphandbook.org/
RAMP Training Courses
 http://www.nyphp.org/ramp
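
The filtering advice in the last reply, as an added example that is not code from any poster in the thread: it runs the concatenated query suggested earlier next to a filtered lookup, and goes one step beyond the thread by also binding the values as PDO parameters. The function names, the dln pattern, the in-memory SQLite table and the sample rows are assumptions made for illustration; it needs PHP 7.1+ with pdo_sqlite.

```php
<?php
// Constructed schema and rows: dln, password and payment in one table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE payment (dln TEXT, password TEXT, payment TEXT)');
$db->exec("INSERT INTO payment VALUES ('D1234567', 'alice-pw', '42.00'),
                                      ('D7654321', 'bob-pw', '17.50')");

// The concatenated form suggested earlier in the thread, for comparison:
// client data becomes part of the SQL text.
function lookup_concat(PDO $db, array $post): array
{
    $sql = "SELECT payment FROM payment WHERE dln = '" . $post['dln']
         . "' AND password = '" . $post['password'] . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hypothetical hardened lookup: dln is copied into $clean only if it passes
// an allow-list pattern (the pattern is an assumption), and both values are
// bound as parameters rather than spliced into the statement.
function lookup_filtered(PDO $db, array $post): array
{
    $clean = ['dln' => ''];
    if (is_string($post['dln'] ?? null)
        && preg_match('/\A[A-Za-z0-9]{1,16}\z/', $post['dln']) === 1) {
        $clean['dln'] = $post['dln'];
    }
    $password = $post['password'] ?? null; // free-form, so bound, not pattern-checked
    if ($clean['dln'] === '' || !is_string($password)) {
        return []; // reject before any SQL runs
    }
    $stmt = $db->prepare(
        'SELECT payment FROM payment WHERE dln = :dln AND password = :password'
    );
    $stmt->execute([':dln' => $clean['dln'], ':password' => $password]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed requests: normal, quotes in dln, quotes in password only.
$requests = [
    'normal'          => ['dln' => 'D1234567', 'password' => 'alice-pw'],
    'quotes in dln'   => ['dln' => "x' OR '1'='1", 'password' => "x' OR '1'='1"],
    'quotes in passw' => ['dln' => 'D1234567', 'password' => "x' OR '1'='1"],
];
foreach ($requests as $label => $post) {
    printf("%-16s concat=%d row(s) filtered=%d row(s)\n", $label,
        count(lookup_concat($db, $post)), count(lookup_filtered($db, $post)));
}
```

In the concatenated form the quote characters rewrite the WHERE clause; in the filtered form the dln is rejected before any SQL runs and the password is compared as literal data.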
