I am looking at my server logs and I see malicious requests like this:
http://www.*****.in/catalogue.php?storeid=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO))
What is the user trying to do, and and how can I protect against such things?
>Solution :
If we urldecode the parameter value, it becomes a bit more readable and it’s clear that it’s a SQL injection attempt – the parameter becomes
Opzp; AND 1=1 OR (<'">iKO)
Demo: https://3v4l.org/apMJ7 .
See How can I prevent SQL injection in PHP? if you’re not familiar with how to guard against that sort of thing. Basically you need to use prepared statements and parameterise all variable values which you incorporate into your queries.