Craig Francis
I’ve been creating websites for… too many years, with a particular focus on improving security. I gave early feedback on CSP, TrustedTypes, SameSite cookies, and SiteIsolation developments (as I believe these techniques actually address the respective problems). I’m currently one of the OWASP Bristol UK co-leads, help run a couple of Code Clubs for 8 - 12 year olds, I’m the WordPress Database component maintainer, and I’m currently working on how to solve Injection Vulnerabilities.
Ending Injection Vulnerabilities
Porter Tun - 10.00
Imagine you are working on a project that uses Doctrine for your database abstraction. You think you are safe from SQL Injection vulnerabilities, but a developer has just written:
```php
$qb->select('u')
    ->from('User', 'u')
    ->where('u.id = ' . $_GET['id']); // user input concatenated into the DQL string
```

or:

```php
$qb->select('u')
    ->from('User', 'u')
    ->where($qb->expr()->andX(
        $qb->expr()->eq('u.type_id', $_GET['type']), // expr() builds a string; the value is not a bound parameter
        $qb->expr()->isNull('u.deleted'),
    ));
```
Even when using abstractions, or parameterised queries, we can still make mistakes; this is often a problem for junior developers, but it can also happen when our code becomes complicated.
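The same two queries in their hardened form, as an added example that is not part of the session abstract or of Doctrine's own documentation; it assumes a Doctrine ORM EntityManager in `$entityManager` and the `User` entity from the snippet above.

```php
<?php
// Added example: the two vulnerable queries rewritten so that request input
// travels as bound parameters and never becomes part of the DQL string.
// Assumes a Doctrine ORM EntityManager ($entityManager) and a User entity.

use Doctrine\ORM\EntityManagerInterface;

function findUserById(EntityManagerInterface $entityManager, string $rawId): ?object
{
    // Validate the shape of the input first, and reject rather than coerce.
    if (!ctype_digit($rawId)) {
        return null;
    }

    $qb = $entityManager->createQueryBuilder();
    $qb->select('u')
        ->from('User', 'u')
        ->where('u.id = :id')               // placeholder inside a literal DQL string
        ->setParameter('id', (int) $rawId); // value bound separately from the query text

    return $qb->getQuery()->getOneOrNullResult();
}

function findActiveUsersByType(EntityManagerInterface $entityManager, string $rawType): array
{
    if (!ctype_digit($rawType)) {
        return [];
    }

    $qb = $entityManager->createQueryBuilder();
    $qb->select('u')
        ->from('User', 'u')
        ->where($qb->expr()->andX(
            $qb->expr()->eq('u.type_id', ':type'), // placeholder, not the raw value
            $qb->expr()->isNull('u.deleted'),
        ))
        ->setParameter('type', (int) $rawType);

    return $qb->getQuery()->getResult();
}

// Usage with request input (the original snippets read $_GET directly):
// $user  = findUserById($entityManager, $_GET['id'] ?? '');
// $users = findActiveUsersByType($entityManager, $_GET['type'] ?? '');
```

The difference to look for in review is that every `where()` and `expr()` argument is a fixed string containing only placeholders, with `setParameter()` carrying the untrusted value; the input validation is defence in depth, not the fix.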