How to log someone trying to make sql injection How to log someone trying to make sql injection sql sql

How to log someone trying to make sql injection

You can use PHP-IDS to detect security attacks (not just SQL injection) and add custom behavior. In my case I run PHP-IDS at the start of every request. If an issue is detected, I log to the database, return a generic error message to the user and die().

Be warned though that PHP-IDS will not detect all SQL injection issues. It's not possible to do that automatically. You still need to properly handle your queries.

Edit: This answer was made before the question was significantly changed. Whilst still valid, it no longer addresses the OP's specific situation.

SQL injection is one of the easiest web application vulnerabilities to remediate. The problem-space of identifiying potential attacks, recording them, and maintaining and managing a user blacklist with usage-denial functionality is a programming exercise that is many many orders of magnitude more complex.

Learn to use parameterised queries properly and SQL injection is not something you will ever need to consider. In PHP you can acheive this using the mysqli or PDO libraries. There's a ton of questions on here that address this and many more tutorials you can reach from googling for "parameterised queries" or "prepared statements"

Don't try to cook-up a homegrown solution to a problem as serious as this. Could come back to bite you in the you_know_where.

Instead, try to see from the server logs the kind of queries and requests the users make and take a decision based on that. (for GET reqs). For POST requests, as said, you can use it.