SQL injection

SQL injection is just like JavaScript injection. It occurs when poorly validated input allows an attacker to run arbitrary SQL queries on your server. In the worst case, this could allow them to exploit a buffer overflow vulnerability in the server, and thus execute arbitrary code.

MediaWiki uses an idiosyncratic SQL generation interface which has proven to be very effective for eliminating SQL injection vulnerabilities. The SQL generation interface also provides DBMS abstraction and features such as table prefixes.

Please study the functions provided in Database.php, and avoid using bare SQL at all costs.

Vulnerable bare SQL:

This is vulnerable to arbitrary SQL injection, and a syntax error on Oracle into the bargain. The preferred way to do it is: