What page architecture are you using: PHP, ASP, .Net 1.1 or .Net 2.0, or
are you using one of the standard CMS packages (Mambo, Plone, etc.)?
If you are using ASP.net 2.0 with MySQL (I am using this), I have
managed to implement the Membership / Role providers in my site using
MySQL as the provider. Using the login credentials you supplied, the
site rejects them, as you have to have explicit username and password
(which is encrypted on creation in the DB) details to log in.
HTH,
Dewald Troskie
GIS Developer / Database Architect
GIS Global Image (Pty) Ltd.
Helping the world make informed decisions
P.O Box 15 The Innovation Hub 0087
Cell: +27 (0)72 685 4246
Tel: +27 (0)12 844 0660
Fax: +27 (0)86 619 3958
Email: dewald@stripped
Web: www.globalimage.co.za
Web: www.mapme.co.za
Blog: http://electronucleus.blogspot.com/
Registered Linux User No: 371874
Office L15 Enterprise Building
The Innovation Hub - Hotel Street
Lynnwood, Pretoria, 0087
"There are 10 kinds of people, those who
understand binary and those who don't"
-----Original Message-----
From: Critters [mailto:critters@stripped]
Sent: 10 May 2006 10:53 AM
To: mysql@stripped
Subject: 1' and '1' or '1
Hi
A user was able to log into my site using:
1' and '1' or '1
in the username and password box.
I ran the query
SELECT * FROM members WHERE name = '1' and '1' or '1' AND password = '1' and '1' or '1'
And it returned all rows. Can someone explain to me why this happens,
and if the steps I took (replacing the ' with a blank space when the
user submits the login form) are enough to prevent a similar "hack"?
Appreciate any feedback.
--
Dave
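
Added example, not part of either message above: the query from the original post, run against a constructed `members` table to show why it matches every row (AND binds tighter than OR, so the trailing `or '1'` is a stand-alone true term), next to the same login written with bound parameters. SQLite stands in for MySQL here as an assumption; the table contents and function names are made up for the illustration.

```python
import sqlite3

PAYLOAD = "1' and '1' or '1"  # the input quoted in the original post

def make_db():
    # Constructed sample data; SQLite is used as a stand-in for MySQL.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members (name TEXT, password TEXT)")
    db.executemany("INSERT INTO members VALUES (?, ?)",
                   [("alice", "pw-a"), ("bob", "pw-b"), ("carol", "pw-c")])
    return db

def login_concatenated(db, name, password):
    # Vulnerable form: user input is pasted into the SQL text, so the
    # quotes in the input end the string literal and add new conditions.
    sql = ("SELECT name FROM members WHERE name = '" + name +
           "' AND password = '" + password + "'")
    return sql, db.execute(sql).fetchall()

def explicit_grouping(db):
    # The same WHERE clause with the grouping the parser applies written
    # out: three OR-ed terms, and the last one ('1') is true for every row.
    sql = ("SELECT name FROM members WHERE "
           "(name = '1' AND '1') OR "
           "('1' AND password = '1' AND '1') OR "
           "'1'")
    return db.execute(sql).fetchall()

def login_parameterized(db, name, password):
    # Hardened form: values are bound as data and never parsed as SQL,
    # so no character in the input can change the query's structure.
    sql = "SELECT name FROM members WHERE name = ? AND password = ?"
    return db.execute(sql, (name, password)).fetchall()

if __name__ == "__main__":
    db = make_db()
    sql, rows = login_concatenated(db, PAYLOAD, PAYLOAD)
    print(sql)
    print("concatenated :", rows)
    print("grouped      :", explicit_grouping(db))
    print("parameterized:", login_parameterized(db, PAYLOAD, PAYLOAD))
    print("valid login  :", login_parameterized(db, "alice", "pw-a"))
```

With bound parameters the login no longer depends on stripping or replacing characters in the submitted form fields.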