Today, out of curiosity, I googled for `php mysql email register`. This returns tutorials, how-tos and code snippets. Most results include flawed DB statements, which usually means something like this:
```php
// Don't do this! User input is concatenated straight into the SQL text.
mysqli_query($conn, "SELECT * FROM user WHERE id = '" . $_POST["user"] . "'");
```
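To make the difference between the statuses below concrete, here is an added example (my own code, not taken from any of the tutorials in the list). It assumes an open `mysqli` connection `$conn` and a `users` table with `id` and `email` columns; those names are assumptions. The first function is the injectable pattern the survey looks for, the second is what a status-1 tutorial does, and the third is the legacy escaping fallback for the rare case where a bound parameter cannot be used.

```php
<?php
// Added example, not code from any surveyed tutorial.
// Assumed: $conn is a live mysqli connection; table `users` has `id` and `email`.

// The injectable pattern (status 3/4 in the table). A single quote inside
// $email terminates the string literal, so the remainder of the input is
// parsed by MySQL as SQL rather than as data.
function findUserUnsafe(mysqli $conn, string $email): ?array
{
    $sql = "SELECT id, email FROM users WHERE email = '" . $email . "' LIMIT 1";
    $result = mysqli_query($conn, $sql);
    return $result ? (mysqli_fetch_assoc($result) ?: null) : null;
}

// Status 1: a prepared statement. The SQL text goes to the server without
// any user data in it; the value is bound separately and is never parsed
// as SQL, whatever characters it contains.
function findUserSafe(mysqli $conn, string $email): ?array
{
    $stmt = mysqli_prepare($conn, "SELECT id, email FROM users WHERE email = ? LIMIT 1");
    if ($stmt === false) {
        throw new RuntimeException("prepare failed: " . mysqli_error($conn));
    }
    mysqli_stmt_bind_param($stmt, "s", $email);
    mysqli_stmt_execute($stmt);
    $row = mysqli_fetch_assoc(mysqli_stmt_get_result($stmt));
    mysqli_stmt_close($stmt);
    return $row ?: null;
}

// Status 2: escaping the literal with the driver's own escaper. This is
// the correct tool when binding is impossible; htmlspecialchars() (see
// result 20) is an HTML output encoder and is not a SQL escaper.
function findUserEscaped(mysqli $conn, string $email): ?array
{
    $safe = mysqli_real_escape_string($conn, $email);
    $result = mysqli_query($conn, "SELECT id, email FROM users WHERE email = '$safe' LIMIT 1");
    return $result ? (mysqli_fetch_assoc($result) ?: null) : null;
}

// Usage: pass the raw request value straight through; the safe variants
// need no pre-cleaning of $_POST['email'].
// $user = findUserSafe($conn, $_POST['email'] ?? '');
```

When skimming a tutorial the quickest check is the one I used: any query string that contains `'$` or `'" .` is of the first kind, and the prepared-statement form is recognisable by the `?` placeholder plus `bind_param`.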
Here is the detailed breakdown. The articles are listed in the order they were suggested to me. I omitted unrelated articles or ones behind a paywall.
Possible statuses (the numbers used in the Status column):
1. All parameters in SQL queries are escaped categorically
2. Incoming data is only escaped where absolutely necessary
3. Author attempted some escaping but a vulnerability was found
4. No escaping logic whatsoever
# | Status | URL | Site | Notes |
---|---|---|---|---|
1 | 3 | link | CodeWithAwa | "SELECT * FROM users WHERE email='$email' LIMIT 1"; |
2 | 1 | link | envatotuts+ | |
3 | 1 | link | Code Boxx | |
4 | 1 | link | Aaraf Academy | |
5 | 3 | link | Webslesson | WHERE user_activation_code = '".$user_activation_code."' |
6 | 2 | link | CodingNepal | |
7 | 3 | link | YouTube | Timestamp provided |
8 | 3 | link | YouTube | This is part 1 of a series of 3. Part 1 is fine, but there are problems in part 2, as well as part 3 here and here and here |
9 | 4 | link | morioh | Redirects you to tutsmake.com where the code is to be found |
10 | 3 | link | Webs Codex | "SELECT * FROM users WHERE otp = '$postOtp' |
11 | 1 | link | CodeShack | |
12 | 1 | link | webtipstricks | |
13 | 4 | link | studentstutorial | |
14 | 4 | link | positronX.io | |
15 | 1 | link | Mage Mastery | |
16 | 1 | link | phppot | |
17 | 4 | link | TalkersCode | |
18 | 3 | link | OurSourceCode | $query = "update users set status='1' where token='$token'"; |
19 | 1 | link | DZone | |
20 | 3 | link | Sourcecodester | mysqli_query($conn,"select * from user where userid='$user'"); also uses htmlspecialchars() for SQL escaping everywhere |
21 | 4 | link | coding cyber | |
22 | 2 | link | developphp | Uses custom RegExes mostly |
23 | 4 | link | ProgrammerSought | |
24 | 1 | link | Grepper | |
25 | 1 | link | CodeAndCourse | |
26 | 4 | link | w3tweaks | |
27 | 1 | link | Speedy Sense | |
28 | 1 | link | Technopoints | |
29 | 4 | link | Techno Smarter | |
30 | 4 | link | FormGet | |
I skipped to the next article as soon as I found at least one injection-prone line. There are of course more issues to be found across all 30 results; this is just the result of me quickly skimming them all specifically for SQL injection.
My main takeaway is the dreadful quality of the majority of Google's search results. Several of these results were, simply put, SEO-optimized baloney.