PHP :: Doc Bug #30274 :: Error in SQL injection example in manual page for mysql_real_escape

Doc Bug #30274	Error in SQL injection example in manual page for mysql_real_escape_string()
Submitted:	2004-09-29 13:37 UTC	Modified:	2004-09-29 18:24 UTC
From:	troels at arvin dot dk	Assigned:
Status:	Closed	Package:	Documentation problem
PHP Version:	Irrelevant	OS:
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	troels at arvin dot dk
New email:
PHP Version:		OS:

New/Additional Comment:

[2004-09-29 13:37 UTC] troels at arvin dot dk

Description:
------------
The manual page for mysql_real_escape_string() has a section on the danger of SQL injection; that's nice.

However, the example used to illustrate the danger is wrong and misleading, as far as I can see.

The page states
...
  // We didn't check $_POST['password'], it could be anything the user wanted! For example:
  $_POST['username'] = 'aidan';
  $_POST['password'] = "' OR 1=1";
...

However, setting $_POST['password'] to
  ' OR 1=1
will result in a query like this, which isn't very dangerous because it's a syntax error:
  SELECT * FROM users WHERE name='aidan' AND password='' OR 1=1'

A better example of a dangerous value of $_POST['password'] would be:
  ' OR ''='
because it would result in this query:
  SELECT * FROM users WHERE name='aidan' AND password='' OR ''=''

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2004-09-29 13:52 UTC] vrana@php.net

This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.

Thank you for the report, and for helping us make our documentation better.

[2004-09-29 17:15 UTC] aidan@php.net

I don't know why you think the query would be a syntax error, but you are wrong. It works fine.

Marking as Bogus and reverting.

[2004-09-29 18:24 UTC] aidan@php.net

Ooops, I see what you mean, please excuse me.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Nov 19 12:00:02 2025 UTC