Comments on: How to use PHP to capture essential Information on 404 Error Page https://www.searchenginepeople.com/blog/capture-info-404-page-php.html?utm_source=feed&utm_medium=feed&utm_campaign=feed Canada's Search and Social Media Authority Tue, 22 Apr 2014 16:05:36 +0000 hourly 1 By: Kevin Schroeder https://www.searchenginepeople.com/blog/capture-info-404-page-php.html/comment-page-1#comment-160371 Tue, 07 Feb 2012 14:35:25 +0000 https://www.searchenginepeople.com/?p=24489#comment-160371 In reply to Kevin Schroeder.

Well, since you’re inserting the user agent you could modify the agent string to be “Whatever my user agent is’; DELETE FROM YOUR_TABLE_NAME;”

]]> By: Joydeep https://www.searchenginepeople.com/blog/capture-info-404-page-php.html/comment-page-1#comment-160156 Tue, 07 Feb 2012 03:50:58 +0000 https://www.searchenginepeople.com/?p=24489#comment-160156 In reply to Kevin Schroeder.

Kevin, do share your SQL code with us…

]]> By: Kevin Schroeder https://www.searchenginepeople.com/blog/capture-info-404-page-php.html/comment-page-1#comment-160026 Mon, 06 Feb 2012 19:08:41 +0000 https://www.searchenginepeople.com/?p=24489#comment-160026 FYI, your code is vulnerable to an SQL injection attack. The user agent and URL are retrieved from the HTTP request and contains user-generated data, which can be used to really muck up your database. Best use prepared statements instead of ad-hoc queries to insert data like this.

]]>