Re: Cannot post string "union select" php form

php_mysql_beginer911 wrote:
On May 9, 6:15 pm, Jerry Stuckle <jstuck...@xxxxxxxxxxxxx> wrote:
php_mysql_beginer911 wrote:
Hi .. hope someone will help
i am trying to figure it out why i cannot post string "union select"
every time i try to post data which content union and select ..
the page doesn't get posted and it shows error page not found on this
server
i googled and found some people use union and select to hack sites
(mysql injection)
i guess the server i am using has some kind of filter and if a post
string content "union select"
.. it simply doesn't post them and shows error .. (am i correct ???)
i don't know realy whats really wrong and even if it's possible that
server have some kind of filter how can i post everything (including
union select) without getting page not found error
please reply
thank to everyone
I have absolutely NO IDEA what you're talking about.

Do you have some PHP code showing this?

Did you ask your hosting company?

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstuck...@xxxxxxxxxxxxx
==================

i have allready asked my hosting company and hope to recieve reply in
1 or 2 days
but i really need to fix this as soon as possible ..
it's just a simple html form and filename is test.php
<?php
if(isset($_POST['submit'])){
echo $_POST['content'];
}
?>
<form method=post >
<textarea name=content cols=50 rows=100 ></textarea>
</textarea>
<input type=sumit value=submit name=submit >
</form>
the above code works fine until i post a string which contents words
"union select" ...
so i think the problem is with string which i am posting ...
i never had this kind of problem and was wondering is it possible that
server can have configuration where some special words are not allowed
in posting data.
hope someone knows the reason ...
thanks


OK, I *think* I understand now.

I doubt very much it's your hosting company. They don't look at the data. Much more probably the data is being parsed by your CMS.

You say you're "building a cms" - are you actually writing the code yourself, or did you get something to start with off of the web (or somewhere else)?

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@xxxxxxxxxxxxx
==================

.

Relevant Pages

  • Re: Cannot post string "union select" php form
    ... i am trying to figure it out why i cannot post string "union select" ... every time i try to post data which content union and select .. ... i guess the server i am using has some kind of filter and if a post ... Do you have some PHP code showing this? ...
    (comp.lang.php)
  • Re: Cannot post string "union select" php form
    ... i am trying to figure it out why i cannot post string "union select" ... every time i try to post data which content union and select .. ... i guess the server i am using has some kind of filter and if a post ... in posting data. ...
    (comp.lang.php)
  • Re: value of unknown type
    ... converting it to a string implicitely or explicitely? ... specific type inference / checking algorithm depends on the ... specifically as some kind of union type. ...
    (comp.lang.functional)
  • Re: Cannot post string "union select" php form
    ... i am trying to figure it out why i cannot post string "union select" ... every time i try to post data which content union and select .. ... i guess the server i am using has some kind of filter and if a post ... Do you have some PHP code showing this? ...
    (comp.lang.php)
  • Re: value of unknown type
    ... converting it to a string implicitely or explicitely? ... Actually, you don't have an "unknown" value, you have a value of type ... "implicit union type"). ... I admit that I do not understand what Stefan and then you mean ...
    (comp.lang.functional)