0

Hello i want to know why this kind of example question never been asked before. i got this code from my college that they say this kind of code is able to prevent sql injection

we use codeigniter to build a website and here is the code to prevent sql injection

Controller

$usr = $this->input->post('userid');
$pwd = $this->input->post('passwd');

if($usr && $pwd) {
                $ack = $this->mAuth->get_user($usr);
$pwx = $ack['passwd'];
                    if($ack && $pwd == $pwx) {
                        //redirect code
}

model

public function get_user($user_id='', $status=1) {
        $user_id = $this->db->escape(trim($user_id));
        $status  = $status ? 'and user_status_uid = 1' : '';

        $sql = "select * from users where user_id = lower($user_id)"

        return rst2Array($sql, 'row');
    }

i tried to login with 1' or 1 = 1 and etc i found and it did prevent sql injection even though it's only a plain text and password.

is there any vulnerability to this code? thanks

Improve this question
3
  • 1
    If you want to prevent sql-injection never build sql-queries including data via string-concatenation. Commented Aug 20, 2014 at 8:12
  • 1
    Check this question: stackoverflow.com/questions/1615792/… Commented Aug 20, 2014 at 8:12
  • 1
    this code if($ack && $pwd == $pwx) { //redirect code } it actually prevent injection to login as anyone right? can someone actually have any example? Commented Aug 20, 2014 at 9:44

1 Answer 1

Reset to default
1

To put it simply: the "magic" is in the $this->db->escape function. It adds quotes around string values and escapes them properly for SQL syntax. See https://ellislab.com/codeigniter/user-guide/database/queries.html.

Barring any bugs in that function, it indeed prevents SQL injection in this case.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.