As the title says, I'm developing a small project and is encountering some issues. Tried SQL injection directly on the search box but it doesn't seems to work. I believe my code is not that sanitize though. Any inputs would be appreciated.
This is part of my form page;
<form method="post" action="tablepaging1.php">
<div class="form-group">
<input type="text" class="form-control bg-light border-0 small" name="word" placeholder="Search for..." aria-label="word" aria-describedby="basic-addon2">
<input type="submit" value="Search" name="submit" class="login-button"/>
</div>
</form>
This is the processing portion (tablepaging1.php)
<?php
require('config.php');
$word = $_POST['word'];
$min_length = 3;
if(strlen($word) >= $min_length){ // if query length is more or equal minimum length then
$raw_results = "SELECT * FROM services
WHERE `co_name` LIKE '%".$word."%' OR `co_phone` LIKE '%".$word."%'";
$getSearch_res = mysqli_query($link, $raw_results) or die('v3n0ms1x6SiX');
if(mysqli_num_rows($getSearch_res) > 0){ // if one or more rows are returned do following
while($results = mysqli_fetch_array($getSearch_res)){
echo "<p><h3>".$results['co_name']."</h3>".$results['co_phone']."</p>";
}
}
else{
echo "No results";
}
}
else{
echo "Minimum length is ".$min_length;
}
?>
So you want to try SQL injection ? For your case, please try the following input as $word:
abc' or 1=1 or 'ddd
so your resulting string will be
SELECT * FROM services WHERE co_name LIKE '%abc' or 1=1 or 'ddd%' OR co_phone LIKE '%abc' or 1=1 or 'ddd%'
and you will retreive all the data from the services table.