-
Notifications
You must be signed in to change notification settings - Fork 493
[FIX] SQL Level 5, variable should not be inside string single-quotes #14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
I'm contemplating what that line should've looked like
Possible intentions could have been:
$query = "SELECT bookname,authorname FROM books WHERE number ="."'$number'";
or similarly
$query = "SELECT bookname,authorname FROM books WHERE number =".$number;
I've also thought about this possibility:
$query = "SELECT bookname,authorname FROM books WHERE number ='". $number . "'";
Either way, the current line is bugged, since it is taking $number as the literal string input each time.
The value from $_POST['number'] is never used as of now.
JonasPertschy
commented
Jul 21, 2022
Thank you 👍🏻 I encountered the same issue. None of my static/dynamic scanners were able to spot the vulnerability because there is none. '$number' is not user-controlled data.
Line 50
$query = "SELECT bookname,authorname FROM books WHERE number =".'$number';in
sql5.phpwill never work, as'$number'is a string.Asuming this was an error, this PR fixes this issue.