advanced_search_results.php sql injection high load


storeweb88


I have an annoying hacker that is using this mywebsite.com/advanced_search_result.php?keywords=-6928%27%29%20OR%208645%3D7985%20AND%20%28%27reOn%27%3D%27reOn&search_in_description=1&sort=1a&page=187 that causes a super high load on the MySQL server. Does anyone have any suggestions on how to deal with this? I tried looking through the forums for code to update.


On 8/10/2022 at 1:27 PM, storeweb88 said:

Does anyone have any suggestions on how to deal with this?

Install View Counter to control that. It allows you to control such issues, and others, and allows you to block the IP from admin.


  • 10 months later...

Thank you, that's a fantastic idea. I didn't do that; what I did was just change some of the code around in the search, so for example if someone types in a hackerish code like above it just cuts it out of the string. I used a replace method for that.
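The request in the first post URL-decodes to `-6928') OR 8645=7985 AND ('reOn'='reOn` in the `keywords` parameter. As an added example (not part of the thread and not osCommerce code), this Python script scans web access-log lines for that shape of boolean condition in `keywords` and counts hits per client IP, giving a list to hand to whatever IP blocking is in use. The log lines other than the posted URL, the IP addresses, the threshold and the function names are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines (Apache combined format, documentation-range IPs).
# The first request is the URL from the post; the second repeats its shape.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Aug/2022:13:20:01 +0000] "GET /advanced_search_result.php?keywords=-6928%27%29%20OR%208645%3D7985%20AND%20%28%27reOn%27%3D%27reOn&search_in_description=1&sort=1a&page=187 HTTP/1.1" 200 5120 "-" "-"
203.0.113.7 - - [10/Aug/2022:13:20:02 +0000] "GET /advanced_search_result.php?keywords=-1111%27%29%20OR%202222%3D2222%20AND%20%28%27abcd%27%3D%27abcd&search_in_description=1 HTTP/1.1" 200 5120 "-" "-"
198.51.100.23 - - [10/Aug/2022:13:21:10 +0000] "GET /advanced_search_result.php?keywords=men%27s+red+shoes HTTP/1.1" 200 8841 "-" "-"
198.51.100.23 - - [10/Aug/2022:13:21:40 +0000] "GET /index.php?cPath=3 HTTP/1.1" 200 4410 "-" "-"
"""

# Client IP and request target from one log line.
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# A quote or closing parenthesis, then OR/AND, then a numeric or quoted-string
# comparison: the shape seen in the decoded keywords value above.
PROBE = re.compile(
    r"""['")]\s*(?:OR|AND)\s+\(?\s*(?:\d+\s*=\s*\d+|'[^']*'\s*=\s*'[^']*)""",
    re.IGNORECASE,
)

def probe_keywords(line):
    """Return (ip, decoded keywords) for a search request carrying a probe, else None."""
    m = REQUEST.match(line)
    if not m:
        return None
    ip, target = m.groups()
    url = urlsplit(target)
    if not url.path.endswith("advanced_search_result.php"):
        return None
    # parse_qs percent-decodes values, so the pattern sees the real characters.
    for value in parse_qs(url.query).get("keywords", []):
        if PROBE.search(value):
            return ip, value
    return None

def offenders(log_text, threshold=2):
    """Map client IP -> probe count for IPs at or above the threshold."""
    hits = Counter()
    for line in log_text.splitlines():
        found = probe_keywords(line)
        if found:
            hits[found[0]] += 1
    return {ip: n for ip, n in hits.items() if n >= threshold}

if __name__ == "__main__":
    print(offenders(SAMPLE_LOG))
```

This only identifies probing clients; the search query itself still needs its input escaped or bound as a parameter, since stripping known strings misses variants.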
