Explorer - Apple Safari - Mozilla Firefox αʔόʔͱͯ͠ར༻͞Ε͍ͯΔදతͳͷ - Apache HTTP Server - Nginx (ΤϯδϯΤοΫε) - Microsoft IIS (Internet Information Services) - LiteSpeed Web Server Webʹ͍ͭͯ 21
from users where id = '{$_POST['id']}' and password = '{$_POST['password']}'", ); Users::where('id', $_POST['id'])->where('password', $_POST['password'])->get(); SQL + PHP ORM
pg_query( $dbconn, "select * from users where id = '{$_POST['id']}' and password = '{$_POST['password']}'", ); # Ծʹ$_POST['id']ʹʮ' or '1' = '1';-- ʯͱ͍͏͕͞Εͨ߹ɺҎԼͷΫΤϦ͕ൃߦ͞ΕΔ # ҎԼͷΫΤϦ৭ͷ෦͕ඞཱͣͯ͠͠·͏ͨΊɺશϢʔβʔͷใΛݕࡧͰ͖Δ SELECT * FROM users WHERE id = '' or '1' = '1';-- ' and password = 'foo'; SQL + PHP
from comments; select * from users where id = 1; select * from users where id = 2; select * from users where id = 3; -- ҎԼϨίʔυ͕ଘࡏ͢Δ͚ͩΫΤϦ͕ൃߦ͞ΕΔ $comments = Comment::with('user')->get(); foreach ($comments as $comment) { echo $comment->user }