
SQL injection from an Active Directory

I have a problem I don't understand. I want to write a PHP script which will fill some SQL tables from an Active Directory.

Here is a part of my code:

$result=ldap_list($connect, "OU=PROFS,".$base_dnref, "(ou=*)");

$res = ldap_get_entries($connect, $result);

for ($i=0; $i < $res["count"]; $i++) {
    $result2=ldap_list($connect, "OU=".$res[$i]["ou"][0].",OU=PROFS,".$base_dnref, "(cn=*)");
    $res2 = ldap_get_entries($connect, $result2);
    for($j=0;$j<$res2["count"];$j++){
        $insert=$db->query("INSERT INTO PROFESSEURS(NOM) VALUES ('".$res2[$j]["cn"][0]."')");
        $insert->fetch();
    }
}

$result=ldap_list($connect, "OU=ELEVES,".$base_dnref, "(ou=*)");

$res = ldap_get_entries($connect, $result);

for ($z=0; $z < $res["count"]; $z++) {
    $insert=$db->query("INSERT INTO CLASSE(NUMERO) VALUES ('".strval($res[$z]["ou"][0])."')");
    $insert->fetch();

    $result2=ldap_list($connect, "OU=".$res[$z]["ou"][0].",OU=ELEVES,".$base_dnref, "(cn=*)");
    $res2 = ldap_get_entries($connect, $result2);

    for($y=0;$y<$res2["count"];$y++){
        $insert=$db->query("INSERT INTO ELEVE(NOM) VALUES ('".$res2[$y]["cn"][0]."')");
        $insert->fetch();
    }
}

}
catch (PDOException $e) {
   print 'Exception : ' . $e->getMessage();
}

The problem is that the first double for loop works perfectly, but the second doesn't, even though I used the same syntax. The error is: "Exception : SQLSTATE[HY000]: General error".

Additionally, the query $insert=$db->query("INSERT INTO CLASSE(NUMERO) VALUES ('".strval($res[$z]["ou"][0])."')"); works fine, but only with half of the Active Directory data; for the other half it does not work at all. I'm sure that the problem doesn't come from the LDAP path; I use LDAPExplorerTool for this.

Could you help me, please?

Please replace your code with the code below:

$res = ldap_get_entries($connect, $result);

for ($i=0; $i < $res["count"]; $i++) {
    $result2=ldap_list($connect, "OU=".$res[$i]["ou"][0].",OU=PROFS,".$base_dnref, "(cn=*)");
    $res2 = ldap_get_entries($connect, $result2);
    for($j=0;$j<$res2["count"];$j++){
        $NOM = $res2[$j]["cn"][0];//Store value into variable for further use...
        $insert=$db->query("INSERT INTO PROFESSEURS(NOM) VALUES ('".$NOM."')");
        $insert->fetch();
    }
}

$result=ldap_list($connect, "OU=ELEVES,".$base_dnref, "(ou=*)");

$res = ldap_get_entries($connect, $result);

for ($z=0; $z < $res["count"]; $z++) {
    $NUMERO = strval($res[$z]["ou"][0]);//Store value into variable for further use...
    $insert=$db->query("INSERT INTO CLASSE(NUMERO) VALUES ('".$NUMERO."')");
    $insert->fetch();

    $result2=ldap_list($connect, "OU=".$res[$z]["ou"][0].",OU=ELEVES,".$base_dnref, "(cn=*)");
    $res2 = ldap_get_entries($connect, $result2);

    for($y=0;$y<$res2["count"];$y++){
        $NOM = $res2[$y]["cn"][0];//Store value into variable for further use...
        $insert=$db->query("INSERT INTO ELEVE(NOM) VALUES ('".$res2[$y]["cn"][0]."')");
        $insert->fetch();
    }
}

I have made some slight changes where I had doubts. I suggest using PDO statements because the old one is now deprecated.

Let me know if you are still facing the error; we can drill into it and solve that problem.

Thanks!

I solved the problem. It came from the syntax of the queries. I replaced:

$insert=$db->query("INSERT INTO ELEVE(NOM) VALUES ('".$res2[$y]["cn"][0]."')");
$insert->fetch();

with:

$insert=$db->exec('INSERT INTO ELEVE(NOM) VALUES ("'.$res2[$y]["cn"][0].'")');

So much time for this...
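
Added example, not part of the original posts: directory values such as cn are untrusted input to SQL, so a name containing a quote character breaks (or alters) a concatenated INSERT whichever quote style delimits the literal, while a bound parameter stores it as plain data. The entries array and the in-memory SQLite database are constructed stand-ins for the LDAP results and the poster's database, and the function names are hypothetical.

```php
<?php
// Constructed sample shaped like ldap_get_entries() output (not real directory data).
$res2 = [
    'count' => 3,
    0 => ['cn' => ['count' => 1, 0 => 'Martin Dupont']],
    1 => ['cn' => ['count' => 1, 0 => "Anne O'Neill"]],      // contains '
    2 => ['cn' => ['count' => 1, 0 => 'Jean "JB" Bernard']], // contains "
];

// Assumption: in-memory SQLite stands in for the poster's database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE ELEVE (NOM TEXT)');

// Concatenation as in the question: the value becomes part of the SQL text.
function insertConcatenated(PDO $db, array $entries): array
{
    $failed = [];
    for ($y = 0; $y < $entries['count']; $y++) {
        $nom = $entries[$y]['cn'][0];
        try {
            $db->exec("INSERT INTO ELEVE(NOM) VALUES ('" . $nom . "')");
        } catch (PDOException $e) {
            $failed[] = $nom; // the quote in the name ended the string literal early
        }
    }
    return $failed;
}

// Prepared statement: the SQL text is fixed, the value travels separately.
function insertPrepared(PDO $db, array $entries): int
{
    $stmt = $db->prepare('INSERT INTO ELEVE(NOM) VALUES (:nom)');
    $inserted = 0;
    for ($y = 0; $y < $entries['count']; $y++) {
        $stmt->execute([':nom' => $entries[$y]['cn'][0]]); // no fetch(): INSERT returns no rows
        $inserted += $stmt->rowCount();
    }
    return $inserted;
}

$failed = insertConcatenated($db, $res2);
echo 'Concatenated query rejected: ', implode(', ', $failed), PHP_EOL;
$db->exec('DELETE FROM ELEVE');
echo 'Prepared statement inserted: ', insertPrepared($db, $res2), ' of ', $res2['count'], PHP_EOL;
```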
