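/**
 * Holds one input value and escapes it in place with mysql_real_escape_string().
 *
 * mysql_real_escape_string() only neutralises characters that are special
 * inside a quoted SQL string literal. It does not validate identifiers
 * (table or column names) or numeric values, so the result is only meaningful
 * when it is later placed between quotes as a string value.
 *
 * NOTE(review): the ext/mysql API (mysql_*) was deprecated in PHP 5.5 and
 * removed in PHP 7.0. New code should use mysqli or PDO with prepared
 * statements instead of escaping by hand.
 */
class Sanitize
{
    /** @var mixed Value given to the constructor; overwritten by sanitize(). */
    private $data;

    /**
     * @param mixed $input Value to hold until it is sanitized.
     */
    public function __construct($input)
    {
        $this->data = $input;
    }

    /**
     * @return mixed The stored value; escaped only if sanitize() was called first.
     */
    public function getData()
    {
        return $this->data;
    }

    /**
     * Replaces the stored value with its mysql_real_escape_string() form.
     *
     * A MySQL link must already be open: the function escapes according to
     * the connection character set, and without a usable link it raises an
     * E_WARNING and returns false instead of an escaped string.
     *
     * @return void
     */
    public function sanitize()
    {
        $this->data = mysql_real_escape_string($this->data);
    }
}

// Open the link BEFORE escaping, so that mysql_real_escape_string() has a
// connection (and its character set) to work with. The credentials here are
// sample placeholders; real ones belong in configuration outside the source.
$conn = mysql_connect('localhost', 'mysql_user', 'mysql_password'); // Connection to the database (address, user, password)
if ($conn === false) {
    // Fail closed: with no link the escaping step cannot be trusted.
    exit('Database connection failed');
}
mysql_select_db('dbname');

// $tainted is not assigned in the visible code; presumably it carries
// untrusted input set earlier in the file — confirm against the full listing.
$sanitizer = new Sanitize($tainted);
$sanitizer->sanitize();
$tainted = $sanitizer->getData();

// NOTE(review): the value is used in a table-name position. String-literal
// escaping is the wrong control for an identifier; a table name taken from
// input should be compared against a fixed allowlist of known tables. The
// surrounding single quotes keep the escaped value inside a string literal,
// and must not be swapped for backticks or removed without adding that check.
$query = sprintf("SELECT * FROM '%s'", $tainted);

// The query text contains the input, so it is HTML-escaped before being echoed.
echo "query : " . htmlspecialchars($query, ENT_QUOTES, 'UTF-8') . "<br /><br />";

$res = mysql_query($query); //execution

// mysql_query() returns false on failure; only iterate over a real result set.
if ($res !== false) {
    while ($data = mysql_fetch_array($res)) {
        // Database content is escaped as well before it reaches the page.
        echo htmlspecialchars(print_r($data, true), ENT_QUOTES, 'UTF-8');
        echo "<br />";
    }
}

mysql_close($conn);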
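MODIFICATIONS.*/

// Input source: the output of `more /tmp/tainted.txt`, read through a pipe.
// The file content is treated as untrusted from here on.
// NOTE(review): both the input file and the stderr log use fixed names in
// /tmp; on a shared host other local users may be able to create or replace
// files there, so a private directory is the safer choice.
$descriptorspec = array(
    0 => array("pipe", "r"),                          // child stdin
    1 => array("pipe", "w"),                          // child stdout, read below
    2 => array("file", "/tmp/error-output.txt", "a"), // child stderr, appended to a file
);
$cwd = '/tmp';

// Default to an empty value so later code never reads an undefined variable
// when the child process cannot be started.
$tainted = '';

$process = proc_open('more /tmp/tainted.txt', $descriptorspec, $pipes, $cwd, NULL);
if (is_resource($process)) {
    fclose($pipes[0]); // nothing is written to the child
    $tainted = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    $return_value = proc_close($process);
}

/**
 * Thin wrapper around mysql_real_escape_string().
 *
 * The escaping only covers quoted SQL string literals; it does not make a
 * value safe as an identifier or as an unquoted number.
 *
 * NOTE(review): the ext/mysql API (mysql_*) was deprecated in PHP 5.5 and
 * removed in PHP 7.0. New code should use mysqli or PDO with prepared
 * statements instead of escaping by hand.
 */
class Sanitize
{
    /**
     * Escapes a value for use inside a quoted MySQL string literal.
     *
     * A MySQL link must already be open: without one the function raises an
     * E_WARNING and returns false instead of an escaped string.
     *
     * @param mixed $input Value to escape.
     * @return string|false Escaped string, or false when escaping failed.
     */
    public function sanitize($input)
    {
        return mysql_real_escape_string($input);
    }
}

// Open the link BEFORE escaping, so that mysql_real_escape_string() has a
// connection (and its character set) to work with. The credentials here are
// sample placeholders; real ones belong in configuration outside the source.
$conn = mysql_connect('localhost', 'mysql_user', 'mysql_password'); // Connection to the database (address, user, password)
if ($conn === false) {
    // Fail closed: with no link the escaping step cannot be trusted.
    exit('Database connection failed');
}
mysql_select_db('dbname');

$temp = new Sanitize();
$tainted = $temp->sanitize($tainted);

// The value sits between single quotes, which is the context this escaping
// is meant for. It still depends on the connection character set being set
// with mysql_set_charset() rather than a "SET NAMES" query, because the
// escaping function only knows about the former.
$query = "SELECT lastname, firstname FROM drivers, vehicles WHERE drivers.id = vehicles.ownerid AND vehicles.tag=' {$tainted} '";

// The query text contains the input, so it is HTML-escaped before being echoed.
echo "query : " . htmlspecialchars($query, ENT_QUOTES, 'UTF-8') . "<br /><br />";

$res = mysql_query($query); //execution

// mysql_query() returns false on failure; only iterate over a real result set.
if ($res !== false) {
    while ($data = mysql_fetch_array($res)) {
        // Database content is escaped as well before it reaches the page.
        echo htmlspecialchars(print_r($data, true), ENT_QUOTES, 'UTF-8');
        echo "<br />";
    }
}

mysql_close($conn);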