Re: PHP issue [message #438964 is a reply to message #438943]
Sat, 06 November 2010 03:03
danpaul88
Messages: 5795 Registered: June 2004 Location: England
Actually I disagree Crimson, protecting database inputs against injection attacks is something you should learn as early as possible so that it becomes second nature when coding in PHP.
cnc95fan, consider what would happen if I submitted your search form with the following:
    $_POST['bookid'] = '0; DROP TABLE books';
Based on your current code, this would result in the following query being run:
    SELECT * FROM books WHERE bookid=0; DROP TABLE books;
Obviously this is a huge security problem, however there is a simple solution: run anything from POST or GET which will go into a database through functions to verify it is valid. For numerical (int, float) values use something like:
function prepare_db_number($number)
{
    // Only pass the value through if PHP considers it numeric
    if ( is_numeric($number) )
    {
        return $number;
    }
    // Anything else is replaced with a harmless default
    return 0;
}
This is an extremely simple function which checks the input is numeric and returns it if it is. If it is NOT numeric it returns 0, preventing any SQL injection attacks through that variable.
For strings you can use something a bit like this:
function prepare_db_string( $string, $encode_html_entities = FALSE )
{
    // If magic quotes are enabled then strip the existing slashes from the string first
    if(get_magic_quotes_gpc())
        $result = stripslashes(trim($string));
    else
        $result = trim($string);

    // Encode HTML entities if required
    if ( $encode_html_entities === TRUE )
        $result = htmlentities($result);

    // Return MySQL safe string
    return mysql_real_escape_string($result);
}
This function does several things. Firstly it trims whitespace from around the input string (i.e. spaces or tabs before or after any actual content) and, if magic quotes are enabled, it removes the slashes (otherwise you would end up with some things double escaped). Secondly, it optionally converts special characters to their HTML entities; this is useful if you know the string is going to be output directly to HTML and you need to ensure there are no HTML tags inside of it, for example a forum post.
Finally it uses mysql_real_escape_string to escape any character sequences which could be used to break out of the string and inject an additional query.
[Updated on: Sat, 06 November 2010 03:04]
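The book lookup described in this reply, as an added example that is not danpaul88's code or cnc95fan's original script: the unsafe concatenated query beside the numeric-validation approach and a mysqli prepared statement, which keeps the query text separate from the data. It assumes a MySQL table `books` with an integer `bookid` column (from the thread), a hypothetical `title` column, placeholder connection details, and a PHP build with mysqlnd so that `get_result()` is available.

```php
<?php
// Added example, not from the original post. Connection values are placeholders.
$mysqli = new mysqli('localhost', 'db_user', 'db_password', 'library');
if ($mysqli->connect_error) {
    die('Connection failed: ' . $mysqli->connect_error);
}

// 1. Unsafe: whatever the form sends becomes part of the SQL text, so a
//    non-numeric value changes the query itself rather than just its input.
function find_book_unsafe(mysqli $db, $bookid)
{
    return $db->query("SELECT * FROM books WHERE bookid=" . $bookid);
}

// 2. Validated: the request is refused unless the value is a whole number,
//    so there is nothing left over that could be appended to the query.
//    (filter_var is stricter than is_numeric: it rejects "1e3" and " 5".)
function find_book_validated(mysqli $db, $bookid)
{
    $id = filter_var($bookid, FILTER_VALIDATE_INT);
    if ($id === false) {
        return false; // refuse rather than silently substitute a default
    }
    return $db->query("SELECT * FROM books WHERE bookid=" . $id);
}

// 3. Prepared statement: the query structure is fixed before the value is
//    bound, so the parameter can only ever be treated as data. This also
//    covers string columns, where hand-written escaping is easy to get wrong.
function find_book_prepared(mysqli $db, $bookid)
{
    $stmt = $db->prepare("SELECT * FROM books WHERE bookid = ?");
    $stmt->bind_param('i', $bookid); // 'i' binds the value as an integer
    $stmt->execute();
    return $stmt->get_result();
}

$bookid = isset($_POST['bookid']) ? $_POST['bookid'] : '';
$result = find_book_prepared($mysqli, $bookid);
while ($row = $result->fetch_assoc()) {
    // Escape for HTML on output, the job the post's $encode_html_entities
    // flag performs; `title` is an assumed column name.
    echo htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8'), "\n";
}
```

The validated version only works for numeric columns; for free-text search fields the prepared statement is the approach that removes the escaping question entirely.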