phphttpsecurityquerystringparameter

What is the the meaning and purpose of this unusual value in URL parameter?


I am looking at my server logs and I see malicious requests like this:

http://www.*****.in/catalogue.php?storeid=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO))

What is the user trying to do, and and how can I protect against such things?


Solution

  • If we urldecode the parameter value, it becomes a bit more readable and it's clear that it's a SQL injection attempt - the parameter becomes

    Opzp; AND 1=1 OR (<'">iKO)
    

    Demo: https://3v4l.org/apMJ7 .

    See How can I prevent SQL injection in PHP? if you're not familiar with how to guard against that sort of thing. Basically you need to use prepared statements and parameterise all variable values which you incorporate into your queries.