FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Delete records from ... to





pollux1er
I have a database where 5000 records have been made by injection. Now I want to remove the bad records over the good one. I've been told that I can do it with a query inside phpmyadmin interface. But i don't know the request I should type.Please help me.
rvec
what's the difference between the good and the bad ones?
pollux1er
I mean that hackers have made 5000 insertion into my database. The bad ones are the insertion made by the hacker. The good one are the first 50 records. That is what I need to delete them once with one request.
Hogwarts
You need something to distinguish the 'evil' ones from the normal ones, otherwise you can't 'target' the evil ones for deletion Sad
pollux1er
Hogwarts wrote:
You need something to distinguish the 'evil' ones from the normal ones, otherwise you can't 'target' the evil ones for deletion Sad


No need! The 50 first records are mine! But the others (i.e that was made by the hacker) begin from the 51st to the end.

I need a mysql query to delete them!
AftershockVibe
Assuming your table is indexed properly with a primary key (lets call it "id") then you'll need to find the "id" of the 50 records (i.e. The last correct one) and then run the following:

Code:
DELETE FROM table
WHERE id > [number]


[number] is probably 50 if the index starts at one but don't bet on it - better safe than sorry.

To view the first 55 entries and work out which index you need use:
Code:
SELECT * FROM table LIMIT 55


Cool
imagefree
pollux1er wrote:
Hogwarts wrote:
You need something to distinguish the 'evil' ones from the normal ones, otherwise you can't 'target' the evil ones for deletion Sad


No need! The 50 first records are mine! But the others (i.e that was made by the hacker) begin from the 51st to the end.

I need a mysql query to delete them!

the above mentioned query should work, but first backup.
pollux1er
AftershockVibe wrote:
Assuming your table is indexed properly with a primary key (lets call it "id") then you'll need to find the "id" of the 50 records (i.e. The last correct one) and then run the following:

Code:
DELETE FROM table
WHERE id > [number]


[number] is probably 50 if the index starts at one but don't bet on it - better safe than sorry.

To view the first 55 entries and work out which index you need use:
Code:
SELECT * FROM table LIMIT 55


Cool


Thanks a lot, That query worked!!!
Code:
DELETE FROM table
WHERE id > [number]
Wink
albuferque
CREATE TABLE temporary_tableau SELECT * FROM hacked_table LIMIT 50;
DROP TABLE hacked_table;

CREATE TABLE hacked_table SELECT * FROM temporary_tableau;
TRUNCATE TABLE temporary_tableau;
kv
albuferque wrote:
CREATE TABLE temporary_tableau SELECT * FROM hacked_table LIMIT 50;
DROP TABLE hacked_table;

CREATE TABLE hacked_table SELECT * FROM temporary_tableau;
TRUNCATE TABLE temporary_tableau;


That may work most of the times, but sql engines do not guarantee that the order of rows are consistent if you do not specify a sort condition.
pollux1er
Now I have a very very big problem guys!!! . Crying or Very sad

I changed the name of the database, chage the password, change even the passworg of the host, but they are still making insertions into my database!!

How can they do? How to send this new problem to another topic?

Please help me (already 5977 autoincrement)
kacsababa
SQL injection problem is mostly on the PHP (or other language) side. So the problem is with your script where people can input and send code. You have to filter every data which you will store in the database.

A quote from myself Very Happy from the "Web service username/password safety" topic.
kacsababa wrote:
Always make sure to check the validy of the information which comes to your application.
On this vulnerability search for "SQL Injection", "XSS Attack" or "XSS Hack" and "CSRF" and "XSRF" attacks and that how can you protect yourself from these. These are the most common attacks on the "frontline".
kv
or it may be an automated process just creating entries using the registration page -- if you have one. If that is the case, use captcha in your registration page.
pollux1er
kv wrote:
or it may be an automated process just creating entries using the registration page -- if you have one. If that is the case, use captcha in your registration page.


There is already captcha on it. Have a look : http://www.patricia-serge.net/livre-or.php
But the record are still made.
Related topics
Script php about gallery
Can't delete module folder from postnuke?
can delete public_html?
Delete all over 3 week old posts
SQL Basics
Can not delete files
How i can delete my account?
Is my web will be delete, if no action for a long time ?
mail system......an mysql....
MIcrosoft SQL Server- Help for deleting records
Deleting/adding records online
Age of consent for religion?
Simple PHP Login Script
Delete and insert records from one table to another table.
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.