Is my code vulnerable to SQL injection? It is hardly coded.

if (isset($_POST['submit'])) {
    $content = strip_tags($_POST['cont'],'<h1>,<br>,<h2>,<h3>,<h4>,<strong>,<a>');
    $content_date = date('d-m-y');

    if (!empty($content)) {

        $check = "SELECT * FROM post WHERE user_id = ?";
        $stmt = $con->prepare($check);
        $stmt->bind_param("i",$my_id);

        $stmt->execute();

        $stmt->store_result();
        $numberofrows = $stmt->num_rows;

        if ($numberofrows == 1) {
            $up = "UPDATE post SET content = ? , con_date = ? WHERE user_id = ? ";
            $stmtup = $con->prepare($up);
            $stmtup->bind_param("ssi",$content,$content_date,$my_id);
            $stmtup->execute();
            $stmtup->close();
            echo "<script>alert('Information Updated')</script>";
            echo "<meta http-equiv='refresh' content='0'>";


        }else{
            $in = "INSERT INTO post(user_id,content,con_date) VALUES (?,?,?) ";
            $stmtin = $con->prepare($in);
            $stmtin->bind_param("iss",$my_id,$content,$content_date);
            $stmtin->execute();
            $stmtin->close();
            echo "<script>alert('Information Updated')</script>";
            echo "<meta http-equiv='refresh' content='0'>";

        }
    }else{
        echo "<script>alert('Please fill the Fields')</script>";
        exit();
    }
}

closed as unclear what you're asking by janos Feb 21 at 13:51

Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.

2  
Please read the how-to-ask page in the help center to improve the quality of your question. – janos Feb 21 at 11:49
    
I get it. But first answer this question @janos – Bajwa kapoor Feb 21 at 12:37
3  
@Bajwakapoor how arrogant – downrep_nation Feb 21 at 12:53
    
@Bajwakapoor that's not how this site works. Please follow the page I linked. – janos Feb 21 at 13:50

Yes, this is vulnerable to SQL injection. strip_tags protects against HTML/XML injection, but does almost nothing against SQL injection attacks. Use PDO and prepared queries.

1  
I don't know much PHP but it seems to me the code is using prepared statements and so I don't see the SQL injection vulnerability. Can you please clarify? – janos Feb 21 at 13:49
    
@pipiripi: I can't see SQL injection in here, either. Question's author is using MySQLi prepared statements. – Przemek Feb 21 at 13:53
1  
The thing is it doesn't do true prepared statements, it emulates them - also there are other things to concern. It's a large area and my English is not good for long explanation, here are some links for more info: stackoverflow.com/questions/134099/… - the first answer shows how it's actually vulnerable even though he's also using the same prepared statement as our asker. – pipiripi Feb 21 at 14:00
1  
@pipiripi: I stand corrected, thank you for this link! – Przemek Feb 21 at 14:10
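
Added example, not part of the original thread: the question's select-then-update/insert flow written against PDO, as the answer recommends, with emulated prepares switched off for the MySQL connection so that placeholders are bound by the server. The function names, the DSN and credentials, and the in-memory SQLite table used for the offline demo are assumptions made for illustration.

```php
<?php
// Added example: function names, DSN and credentials are hypothetical.

// MySQL connection that uses native (server-side) prepared statements.
// PDO's MySQL driver emulates prepares by default, so it is disabled here.
function connect_mysql(string $dsn, string $user, string $pass): PDO
{
    // $dsn placeholder: "mysql:host=localhost;dbname=app;charset=utf8mb4"
    return new PDO($dsn, $user, $pass, [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);
}

// Same flow as the question: update the user's row if it exists, else insert.
// Every value travels as a bound parameter; none is concatenated into SQL.
function save_post(PDO $pdo, int $userId, string $content): string
{
    $date = date('d-m-y');
    $pdo->beginTransaction(); // keep the check and the write together
    try {
        $check = $pdo->prepare('SELECT COUNT(*) FROM post WHERE user_id = ?');
        $check->execute([$userId]);
        if ((int) $check->fetchColumn() === 1) {
            $stmt = $pdo->prepare('UPDATE post SET content = ?, con_date = ? WHERE user_id = ?');
            $stmt->execute([$content, $date, $userId]);
            $action = 'updated';
        } else {
            $stmt = $pdo->prepare('INSERT INTO post (user_id, content, con_date) VALUES (?, ?, ?)');
            $stmt->execute([$userId, $content, $date]);
            $action = 'inserted';
        }
        $pdo->commit();
        return $action;
    } catch (Throwable $e) {
        $pdo->rollBack();
        throw $e;
    }
}

// Offline demo on in-memory SQLite (constructed table and constructed input).
$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE post (user_id INTEGER, content TEXT, con_date TEXT)');
$input = "<h1>Hi</h1>', con_date = 'x' WHERE 1=1; --"; // quote-laden test string
echo save_post($pdo, 7, $input), "\n"; // first call takes the INSERT branch
echo save_post($pdo, 7, $input), "\n"; // second call takes the UPDATE branch
$stored = $pdo->query('SELECT content FROM post WHERE user_id = 7')->fetchColumn();
var_dump($stored === $input); // compares the stored content with the input
```

The demo needs only the pdo_sqlite extension; `connect_mysql()` is defined for use against a real MySQL server and is not called here.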
