hacker.org

The Hacker's Home
https://www.hacker.org/f3/

sql injection basic question

https://www.hacker.org/f3/viewtopic.php?t=2258

Page 1 of 1

sql injection basic question

Posted: Sun Mar 06, 2011 6:41 am
by robert_gsfame
Hi am new to hacking activity. I try practicing basic sql injection by adding a quote mark

As i am doing it on my own web page and not securing the query,

which is look like below mysql_query("SELECT FROM table WHERE id='".$_GET['id']."'");
then a warning notice should appear when single quote mark being added.

but i only got a blank page there. what is missing there?

thx in advance

Posted: Sun Mar 06, 2011 11:05 pm
by alalkeimst
I think that your problem is that you do not have enabled error reporting and displaying in php. This can be done through php.ini or by using this code at the start of your file:

ini_set('display_errors',1);
error_reporting(E_ALL|E_STRICT);

Hope that helps!
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited