This is a quick read on Conditional statements, Loops, Functions, and Arrays. I've created this short note to help anyone who wants to refresh their PHP knowledge. And for people who are new to PHP but have some knowledge in programming can also benefit from this article.
Conditional Statements
This is used to make choices based on the conditions given.
This is a short note that I created to refresh my memory on for the introduction to PHP and I hope to continue while I keep learning more about this serve side scripting language.
PHP also is known as Hypertext Pre Processor code executes on the server and the results return to the browser as plain HTML. The PHP files should have a “.php” extension. PHP can generate dynamic page content which allows the server to generate unique content each time the page is loaded. PHP can perform many tasks on files such as open, read, write, create, close files in the server as well as add delete, modify data in the database. It is also used to control user access and encrypt data.
In this article, I’m going to use the burp suite community edition tool to exploit some SQL Injection vulnerabilities. I’m using Port Swigger academy labs for this demonstration
The first one is a simple retrieval of hidden data. Following
is a webpage that retrieves data from a SQL database. In the URL we can see the Gifts parameter is assigned to “category”. But there’s a hidden variable called
“released” as well.
Injections are ranked as the number one web application vulnerability by OWASP top 10. Injection flaws can be stimulated by an intruder sending malicious data to the interpreter. In this article I will be talking about the SQL Injections in particular.
