{"id":53,"date":"2016-04-13T22:24:40","date_gmt":"2016-04-13T22:24:40","guid":{"rendered":"http:\/\/127.0.0.1\/wordpress\/?p=2796"},"modified":"2019-03-26T15:32:37","modified_gmt":"2019-03-26T15:32:37","slug":"how-to-protect-your-site-from-sqli-injection","status":"publish","type":"post","link":"https:\/\/www.nemra-1.com\/ar\/how-to-protect-your-site-from-sqli-injection.html","title":{"rendered":"\u0634\u0631\u062d \u062d\u0645\u0627\u064a\u0629 \u0645\u0648\u0642\u0639\u0643 \u0645\u0646 \u062d\u0642\u0646 \u0642\u0648\u0627\u0639\u062f \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a"},"content":{"rendered":"
\n\n\u00a0\u00a0\u00a0<?php<\/h6>\n
$_POST['username']\u00a0=\u00a0'ahmed';
\n$_POST['password']\u00a0=\u00a0\"'\u00a0OR\u00a0''='\";<\/h6>\n\/\/\u00a0\u0627\u0644\u0628\u062d\u062b\u00a0\u0641\u064a\u00a0\u0642\u0627\u0639\u062f\u0629\u00a0\u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a\u00a0\u0639\u0646\u00a0\u0639\u0636\u0648\u064a\u0629\u00a0\u0645\u0634\u0627\u0628\u0647\u0629\u00a0\u0644\u0645\u062f\u062e\u0644\u0627\u062a\u00a0\u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645
\n$query\u00a0=\u00a0\"SELECT\u00a0*\u00a0FROM\u00a0users\u00a0WHERE\u00a0user='\".$_POST['username'].\"'\u00a0AND\u00a0password='\".$_POST['password'].\"'\";
\nmysql_query($query);<\/h6>\n\/\/\u00a0\u0644\u0645\u00a0\u0646\u0642\u0645\u00a0\u0628\u0641\u062d\u0635\u00a0\u0627\u0644\u0645\u062a\u063a\u064a\u0631\u00a0$_POST[‘password’]\u00a0\u0627\u0644\u0630\u064a\u00a0\u0623\u062f\u062e\u0644\u0647\u00a0\u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645,\u00a0\u0642\u062f\u00a0\u064a\u062d\u062a\u0648\u064a\u00a0\u0639\u0644\u0649\u00a0\u0623\u064a\u00a0\u0623\u0648\u0627\u0645\u0631\u00a0\u064a\u0631\u064a\u062f\u0647\u0627\u00a0\u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645!\u00a0\u0648\u0641\u064a\u00a0\u0645\u062b\u0627\u0644\u0646\u0627\u00a0\u0647\u0630\u0627\u00a0\u0642\u0627\u0645\u00a0\u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u00a0\u0628\u062a\u062e\u0637\u064a\u00a0\u0643\u0644\u0645\u0629\u00a0\u0627\u0644\u0645\u0631\u0648\u0631:
\n?><\/h6>\n<\/div>\n<\/blockquote>\n\u0647\u0630\u0627 \u064a\u0639\u0646\u064a \u0628\u0623\u0646 \u0627\u0644\u0627\u0633\u062a\u0639\u0644\u0627\u0645 \u0627\u0644\u0630\u064a \u062a\u0645 \u0625\u0631\u0633\u0627\u0644\u0647 \u0623\u0635\u0628\u062d \u0643\u0627\u0644\u062a\u0627\u0644\u064a<\/span><\/span><\/span><\/span><\/b><\/div>\n<\/div>\n\n\n\n\nSELECT * FROM users WHERE user='ahmed' AND password='' OR ''=''<\/pre>\n<\/blockquote>\n<\/div>\n<\/div>\n<\/div>\n\u0627\u0644\u0645\u0648\u0636\u0648\u0639 \u0635\u0639\u0628 \u0645\u0634 \u0643\u062f\u0647\u061f<\/em><\/span><\/p>\n
\u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0646 \u062b\u063a\u0631\u0627\u062a \u062d\u0642\u0646 SQL \u0641\u064a PHP \u060c \u0627\u0644\u0628\u0639\u0636 \u0628\u0644 \u0627\u0644\u0643\u062b\u064a\u0631\u064a\u0646 \u0648\u0627\u0646\u0627 \u0643\u0646\u062a \u0623\u062d\u062f\u0647\u0645 \u064a\u0633\u062a\u062e\u062f\u0645\u0648\u0627 \u0639\u0645\u0644\u064a\u0627\u062a \u0627\u0644\u0628\u062d\u062b \u0641\u064a \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0645\u062f\u062e\u0644\u0629 \u0648\u0641\u062d\u0635\u0647\u0627 \u0645\u0646 \u0627\u062d\u062a\u0648\u0627\u0626\u0647\u0627 \u0639\u0644\u0649 \u0631\u0645\u0648\u0632 \u0645\u0639\u064a\u0646\u0629 \u064a\u062a\u0645 \u062a\u062d\u062f\u064a\u062f\u0647\u0627 \u0645\u0633\u0628\u0642\u0627\u064b \u0648\u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u0623\u0648\u0627\u0645\u0631 \u0641\u064a \u062d\u0627\u0644 \u0644\u0645 \u064a\u0648\u062c\u062f \u0623\u064a \u0645\u0646 \u0647\u0630\u0647 \u0627\u0644\u0631\u0645\u0648\u0632 \u0647\u0630\u0647 \u0627\u0644\u0637\u0631\u064a\u0642\u0629 \u0628\u062f\u0627\u0626\u064a\u0629 \u0648\u0642\u062f \u062a\u0641\u0642\u062f\u0646\u0627 \u0627\u0644\u0643\u062b\u064a\u0631 \u0645\u0646 \u0645\u0645\u064a\u0632\u0627\u062a \u0628\u0631\u0627\u0645\u062c\u0646\u0627… \u0627\u0644\u0623\u0646 \u0633\u0623\u0634\u0631\u062d \u0637\u0631\u064a\u0642\u0629 \u0631\u0633\u0645\u064a\u0629 \u0648\u0645\u0636\u0645\u0648\u0646\u0629 \u0648\u0628\u0633\u064a\u0637\u0629 \u062c\u062f\u0627\u064b \u062a\u062d\u0642\u0642 \u0646\u0633\u0628\u0629 \u0623\u0645\u0627\u0646 \u0639\u0627\u0644\u064a\u0629 \u0641\u064a \u062a\u0641\u0627\u062f\u064a \u0639\u0645\u0644\u064a\u0627\u062a \u0627\u0644\u062d\u0642\u0646 \u0648\u0623\u064a\u0636\u0627\u064b \u064a\u0645\u0643\u0646\u0646\u0627 \u0625\u062f\u062e\u0627\u0644 \u0623\u064a \u0646\u0648\u0639 \u0645\u0646 \u0627\u0644\u0631\u0645\u0648\u0632 \u0628\u062f\u0648\u0646 \u0623\u064a\u0629 
\u0645\u0634\u0627\u0643\u0644!! \u0648\u0647\u064a \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0625\u062d\u062f\u0649 \u062f\u0648\u0627\u0644 PHP \u0627\u0644\u0645\u062e\u0635\u0635\u0629 \u0644\u0630\u0644\u0643 \u0648\u0647\u064a \u0627\u0644\u062f\u0627\u0644\u0629<\/strong><\/p>\n
\nmysql_real_escape_string()<\/strong><\/p>\n<\/blockquote>\n
\u062d\u064a\u062b \u064a\u062c\u0628 \u062a\u0645\u0631\u064a\u0631 \u0643\u0644 \u0645\u062f\u062e\u0644\u0627\u062a \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0645\u0646 \u062e\u0644\u0627\u0644 \u0647\u0630\u0647 \u0627\u0644\u062f\u0627\u0644\u0629 \u062d\u064a\u062b \u062a\u0639\u0645\u0644 \u0639\u0644\u0649 \u0641\u0644\u062a\u0631\u0629 \u0648\u062a\u062d\u0648\u064a\u0644 \u0627\u0644\u0631\u0645\u0648\u0632 \u0627\u0644\u062e\u0637\u064a\u0631\u0629 \u0628\u062d\u064a\u062b \u0644\u0627 \u064a\u0643\u0648\u0646 \u0644\u0647\u0627 \u0623\u064a \u062a\u0623\u062b\u064a\u0631 \u0641\u064a \u0627\u0644\u0627\u0633\u062a\u0639\u0644\u0627\u0645 \u0648\u064a\u062a\u0645 \u0627\u0644\u062a\u0639\u0627\u0645\u0644 \u0645\u0639\u0647\u0627 \u0643\u0646\u0635 \u0639\u0627\u062f\u064a. ملاحظة: دوال mysql_* ومنها mysql_real_escape_string() أُهملت منذ PHP 5.5 وأُزيلت نهائياً في PHP 7، والأفضل اليوم استخدام الاستعلامات المُعدّة مسبقاً (prepared statements) مع ربط المتغيرات عبر PDO أو mysqli. كما أن هذه الدالة لا تحمي إلا القيم الموضوعة داخل علامات الاقتباس في الاستعلام (ولا تحمي القيم الرقمية غير المقتبسة أو أسماء الجداول والأعمدة)، وتعتمد على ضبط ترميز الاتصال بقاعدة البيانات بشكل صحيح.<\/strong><\/p>\n
\u0645\u062b\u0627\u0644\u0646\u0627 \u0627\u0644\u0633\u0627\u0628\u0642 \u0645\u0639 \u0639\u0645\u0644 \u0641\u0644\u062a\u0631\u0629 \u0639\u0646 \u0637\u0631\u064a\u0642 \u0627\u0644\u062f\u0627\u0644\u0629 \u0644\u0644\u0645\u062f\u062e\u0644\u0627\u062a:<\/strong><\/p>\n
\n<?php <\/strong><\/h5>\n
$_POST['username'] = 'ahmed'; <\/strong>
\n $_POST['password'] = \"' OR ''='\"; <\/strong><\/h5>\n\/\/ \u0627\u0644\u0628\u062d\u062b \u0641\u064a \u0642\u0627\u0639\u062f\u0629 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0639\u0646 \u0639\u0636\u0648\u064a\u0629 \u0645\u0634\u0627\u0628\u0647\u0629 \u0644\u0645\u062f\u062e\u0644\u0627\u062a \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 <\/strong>
\n $query = \"SELECT * FROM users WHERE user='\". mysql_real_escape_string($_POST['username']).\"' AND password='\". mysql_real_escape_string($_POST['password']).\"'\"; <\/strong>
\n mysql_query($query); <\/strong><\/h5>\n\/\/ \u0644\u0627\u062d\u0638 \u0627\u0646\u0646\u0627 \u0642\u0645\u0646\u0627 \u0628\u0639\u0645\u0644 \u0641\u0644\u062a\u0631\u00a0\u0627\u0644\u0645\u062a\u063a\u064a\u0631\u0627\u062a \u0639\u0646 \u0637\u0631\u064a\u0642 \u0627\u0644\u062f\u0627\u0644\u0629 \u0648\u0647\u0646\u0627 \u064a\u062a\u0645 \u0627\u0628\u0637\u0627\u0644 \u0645\u0641\u0639\u0648\u0644 \u0627\u0644\u062d\u0642\u0646 <\/strong>
\n ?><\/strong><\/h5>\n<\/blockquote>\n\u00a0\u0648\u0647\u0643\u0630\u0627 \u0627\u0646\u062a\u0647\u064a \u0627\u0644\u062f\u0631\u0633..\u0643\u0634\u0641 \u0627\u0644\u062b\u063a\u0631\u0627\u062a..\u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644..\u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0646 \u0627\u0644\u062b\u063a\u0631\u0629<\/span> <\/strong><\/h2>\n
\u00a0Ahmed El Sheikh<\/span><\/strong><\/span><\/pre>","protected":false},"excerpt":{"rendered":"
\u0627\u0644\u0633\u0644\u0627\u0645 \u0639\u0644\u064a\u0643\u0645 \u0648\u0631\u062d\u0645\u0629 \u0627\u0644\u0644\u0647 .. \u0642\u0628\u0644 \u0627\u0644\u0628\u062f\u0621 \u0641\u064a \u0627\u0644\u0645\u0648\u0636\u0648\u0639 \u062b\u063a\u0631\u0627\u062a \u062d\u0642\u0646 \u0642\u0648\u0627\u0639\u062f \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0623\u0635\u0628\u062d\u062a \u062e\u0637\u064a\u0631\u0629 \u0644\u0623\u0628\u0639\u062f \u0627\u0644\u062d\u062f\u0648\u062f \u0648\u0644\u0627 \u064a\u0633\u062a\u0647\u0627\u0646 \u0628\u0647\u0627 \u0641\u0623\u0628\u0633\u0637\u0647\u0627 \u062a\u0643\u0648\u0646 \u0628\u0627\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0648\u062a\u0639\u062f\u064a\u0644\u0647\u0627 \u0623\u0648 \u062d\u062a\u0649 \u062d\u0630\u0641\u0647\u0627 \u0648\u0623\u062e\u0637\u0631\u0647\u0627…<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1233],"tags":[],"yoast_head":"\n
\u0634\u0631\u062d \u062d\u0645\u0627\u064a\u0629 \u0645\u0648\u0642\u0639\u0643 \u0645\u0646 \u062d\u0642\u0646 \u0642\u0648\u0627\u0639\u062f \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a<\/title>\n\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\t\n\n\n\n\n\n\t\n\t\n\t\n