$_GET Vulnerable?

if( while ) switch{ coding } ++ — Page [1]

sprinkles

2009 Sep 6 • 2547
10 ₧

I was jus' wondering if $_GET was vulnerable, like to mysql injection, xss, or whatever?

≡

2012 Jan 29 at 13:31 PST

SuperJer
Websiteman

2005 Mar 20 • 6629

I'm not sure what you mean?

$_GET contains an element for every key in the URL's query string.

So a URL like:

hxxp://example.com/page?a=1&b=1&c=lol

populates $_GET with

$_GET['a'] = 1;
$_GET['b'] = 2;
$_GET['c'] = "lol";

It's entirely injection, I guess. You shouldn't trust what's in it, obviously, since anyone can put anything in a URL.

≡

2012 Feb 3 at 19:28 PST — Ed. 2012 Feb 3 at 19:29 PST

SuperJer
Websiteman

2005 Mar 20 • 6629

MySQL injection is when, for example, you do this:

php code

<?php

mysql_query("SELECT * FROM yodawg WHERE id=" . $_GET['id']);

?>

because an attacker can use a URL like:

hxxp://example.com/page?id=1 OR 1

which will then SELECT everything in your table.

≡

2012 Feb 3 at 19:32 PST

MadwiX
2012 Feb 10 • 11

SuperJer said:

MySQL injection is when, for example, you do this:

php code

<?php

mysql_query("SELECT * FROM yodawg WHERE id=" . $_GET['id']);

?>

because an attacker can use a URL like:

hxxp://example.com/page?id=1 OR 1

which will then SELECT everything in your table.

What about raw _GET method. No MySQL, no database.
What I mean is, is _get method vulnerable to any attack by itself.

≡

2013 Feb 2 at 18:16 PST

SuperJer
Websiteman

2005 Mar 20 • 6629

MadwiX said:

What about raw _GET method. No MySQL, no database.
What I mean is, is _get method vulnerable to any attack by itself.

The question doesn't really make sense. _GET is not a method. It is just a list of the URL parameters. You have to do something with the parameters unsafely to lead to a vulnerability.

≡

2013 Feb 3 at 15:29 PST

sprinkles

2009 Sep 6 • 2547
10 ₧

How does the url get into $_GET?