Question
Learning Outcome(s):
1. Build web applications using PHP or similar languages
2. Construct and manipulate web databases

You have the following two tables in a MySQL database called it230:

order_statuses: order_number int(11) (PK), status varchar(30)
users: user_name varchar(32) (PK), password varchar(32)

You also have the following track.php page that allows a user to enter an order number and then connects to the database to return the status of that order.

<html>
<form method="post">
<input type="text" name="order_number">
<input type="submit" value="Track">
</form>
</html>
<?php
if (isset($_POST["order_number"])) {
    $conn = mysqli_connect("localhost", "root", "", "it230");
    // User input is concatenated directly into the SQL string (the vulnerable version under discussion)
    $sql = "SELECT status FROM order_statuses WHERE order_number=" . $_POST["order_number"];
    $result = mysqli_query($conn, $sql);
    if (mysqli_num_rows($result) > 0) {
        $row = mysqli_fetch_assoc($result);
        echo "Your order is: " . $row["status"];
    } else {
        echo "We apologize, your order was not found";
    }
    mysqli_close($conn);
}
?>

Suppose that a user types the following into the order number field in the page:

-1 union select concat(user_name,' - ',password) as status from users

1. What will happen? [0.25 mark]
2. What do we call this type of attack? [0.25 mark]
3. Re-write track.php so it prevents this attack. [1 mark]

Explanation / Answer
1. Since the text that is being typed inside the textbox is:
-1 union select concat(user_name,'-',password) as status from users;
the query will get replaced as: SELECT status FROM order_status WHERE order_number = -1 union select concat(user_name,'-',password) as status from users;
Since the order_number is set to -1, it won't retrieve any record from the order_status table. However, the command next to it will get executed and the user will get very sensitive details from the users table like the username and password, which is a very dangerous act.
2. This type of attack is called an SQL injection, through which malicious code acts into our database and manipulates it to whatever it desires.
3. You may use stored procedures or rewrite the SQL query using parameters in the following way:
$qry = $conn->prepare("SELECT status FROM order_statuses WHERE order_number=?");  // $conn from mysqli_connect(); table name as in the question's schema
where the ? is a placeholder for a parameter. Then
$text = $_POST["order_number"];
$qry->bind_param("i", $text);   // type string must be i, d, s or b; "i" sends the value as an integer, never as SQL text
$qry->execute();
$qry->bind_result($status);
if ($qry->fetch()) { echo "Your order is: " . $status; } else { echo "We apologize, your order was not found"; }
$qry->close();
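A complete hardened track.php, added here as an illustration and not part of the original question or answer. It keeps the page's schema (it230, order_statuses with order_number and status) and connection values, and adds two things a practitioner would want beyond the bare prepared statement: input validation that rejects anything other than a non-negative integer before a query is even attempted, and output escaping so a stored status value cannot inject markup into the page. The function name lookup_status and the use of mysqli_report are choices made for this example.

```php
<html>
<form method="post">
<input type="text" name="order_number">
<input type="submit" value="Track">
</form>
</html>
<?php
// Added example (not the page's own code): track.php rewritten with a mysqli
// prepared statement. Assumes the question's schema:
//   order_statuses(order_number INT PK, status VARCHAR(30))
// Connection values are the ones from the question; adjust for your environment.

// Throw exceptions on mysqli errors instead of silently returning false.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

/**
 * Look up the status of one order. Returns null when the input is not a
 * valid order number or when no matching row exists.
 */
function lookup_status(mysqli $conn, string $raw): ?string
{
    // Validate first: an order number is a non-negative integer. Input such as
    // "-1 union select ..." fails this check and never reaches the database.
    $order = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
    if ($order === false) {
        return null;
    }

    // The SQL text is fixed; the value travels separately as a bound integer
    // parameter, so it can only ever be compared against order_number and can
    // never change the structure of the query.
    $stmt = $conn->prepare("SELECT status FROM order_statuses WHERE order_number = ?");
    $stmt->bind_param("i", $order);
    $stmt->execute();
    $stmt->bind_result($status);
    $found = $stmt->fetch();
    $stmt->close();

    return $found ? $status : null;
}

if (isset($_POST["order_number"])) {
    $conn = new mysqli("localhost", "root", "", "it230");
    $status = lookup_status($conn, $_POST["order_number"]);
    if ($status === null) {
        echo "We apologize, your order was not found";
    } else {
        // Escape output: data from the database is untrusted in an HTML context.
        echo "Your order is: " . htmlspecialchars($status, ENT_QUOTES, 'UTF-8');
    }
    $conn->close();
}
?>
```

The prepared statement alone is what defeats the injection, because the database receives the query text and the parameter value through separate channels and never parses the value as SQL. The filter_var check is defence in depth: it turns malformed input into a clean "not found" response rather than relying on PHP's integer coercion of the bound value, and it is cheap to log at that point if you want to detect probing attempts.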