DEV Community

Discussion on: Security holes in PHP

Collapse
bluebird1 profile image
bluebird • Edited on

I tried a stupid sql operation to add user data (such as gold coins), and then add the number of user operations in the database.Sorry,not my open source code。

Thread Thread
vlasales profile image
Vlastimil Pospichal

Use complex SQL or transaction.

Thread Thread
bluebird1 profile image
bluebird

Yes. So I was stupid at the time.But sometimes I can't use sql ransaction. Because maybe I are calling an external api or other operation.

Thread Thread
vlasales profile image
Vlastimil Pospichal

This is not vulnerability PHP. This is bad manipulation with database.

Thread Thread
bluebird1 profile image
bluebird

sorry,I may understand the wrong title.But if you only say php specific vulnerabilities,Should only be file include bug and some php Internal implementation vulnerability.