From: olafvdspek at gmail dot com
Operating system:
PHP version: 5.2.6
PHP Bug Type: Feature/Change Request
Bug description: Avoid SQL injection by design
Description:
------------
The standard mysql_query function is very prone to abuse. Could a function be added that's safer? Like, for example:

    mysql_query_safe("insert into T (A, B, C) values (?, ?, ?)", $a, $b, $c);

The function would be a bit like sprintf, except it would automatically call mysql_real_escape_string on all non-int arguments and enclose them in single quotes. Safe types like int would not receive this treatment.

Reproduce code:
---------------
    mysql_query("insert into T (A, B, C) values (?, ?, ?)", $a, $b, $c);

Expected result:
----------------
No SQL injection vulnerability

Actual result:
--------------
SQL injection vulnerability

--
Edit bug report at http://bugs.php.net/?id=46202&edit=1
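To make the request concrete, here is an added example of the placeholder-substituting behaviour described above. It is illustration code written for this page, not code from PHP or from the reporter: the function name mysql_query_safe_format is hypothetical, it only builds the SQL string rather than sending it, and demo_escape is an assumed stand-in for mysql_real_escape_string(), which needs an open connection so it can apply the connection's character set. The input values are constructed.

```php
<?php
// Added illustration of the requested mysql_query_safe() behaviour.
// Not PHP's code and not the reporter's code: it only formats the SQL
// string, and demo_escape() is an assumption standing in for
// mysql_real_escape_string(), which needs a live connection.

// Stand-in for mysql_real_escape_string(): escapes the same characters
// (backslash, NUL, \n, \r, ', ", Ctrl-Z). Backslash is replaced first so
// the backslashes inserted by later replacements are not doubled again.
// Assumes a single-byte or UTF-8 connection charset; on a real connection
// use mysql_real_escape_string() instead.
function demo_escape($s)
{
    return str_replace(
        array('\\', "\0", "\n", "\r", "'", '"', "\x1a"),
        array('\\\\', '\\0', '\\n', '\\r', "\\'", '\\"', '\\Z'),
        $s
    );
}

// Hypothetical name. Substitutes each '?' in $template with the matching
// argument: PHP ints are inlined as-is, NULL becomes NULL, everything else
// is escaped and wrapped in single quotes, as the request describes.
function mysql_query_safe_format($template, array $args)
{
    $parts = explode('?', $template);
    if (count($parts) - 1 !== count($args)) {
        throw new InvalidArgumentException(
            'placeholder count does not match argument count'
        );
    }
    $sql = $parts[0];
    foreach (array_values($args) as $i => $arg) {
        if (is_int($arg)) {
            $sql .= $arg;
        } elseif ($arg === null) {
            $sql .= 'NULL';
        } else {
            $sql .= "'" . demo_escape((string) $arg) . "'";
        }
        $sql .= $parts[$i + 1];
    }
    return $sql;
}

// Constructed inputs: a quote in $a, an injection attempt in $b,
// and a real PHP int in $c.
$a = "O'Reilly";
$b = "x'); DROP TABLE T; -- ";
$c = 42;

echo mysql_query_safe_format(
    "insert into T (A, B, C) values (?, ?, ?)",
    array($a, $b, $c)
), "\n";

// The same insert with the prepared-statement API that PHP 5 already
// ships (mysqli): parameters travel separately from the SQL text, so no
// escaping or quoting is needed. Shown as comments because it needs a
// database connection:
//   $stmt = $mysqli->prepare("insert into T (A, B, C) values (?, ?, ?)");
//   $stmt->bind_param("ssi", $a, $b, $c);
//   $stmt->execute();
```

Two practical points follow from the example. A value that arrives as a string, such as "42" from $_GET, does not pass is_int() and so is quoted as '42'; MySQL still accepts that for an integer column, so the conservative path is safe. The explode() on '?' also misreads a literal question mark inside a string literal in the template, and the escaper must match the connection's character set; both are reasons the driver-side parameter binding of mysqli or PDO is the more robust form of the design the report asks for.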