waynew Posted July 17, 2008 Share Posted July 17, 2008 Could somebody explain to me what it is? I've googled for it and the majority of what I get is directions on how to turn it off. I've even googled for a definition. Nothing. Could somebody please explain to me what it is? Thanks. Quote Link to comment https://forums.phpfreaks.com/topic/115196-solved-phpsessid/ Share on other sites More sharing options...
MadTechie Posted July 17, 2008 Share Posted July 17, 2008 This is used with sessions.. a cookie is created, or it can be passed via the URL Basically its contains a random code something like this 'uj2oqg5agtejger46qq0jicpr6', now on the server theirs a file with the same code when your browser passes info to the server, the server can read the cookie and match it up to the correct file and from that it can get your session infomation.. to sum up.. its used to link your web browser to the sessions stored on the server.. any more questions or anything you don't understand? Quote Link to comment https://forums.phpfreaks.com/topic/115196-solved-phpsessid/#findComment-592327 Share on other sites More sharing options...
unkwntech Posted July 17, 2008 Share Posted July 17, 2008 Maybe this will help http://www.php.net/manual/en/function.session-id.php Quote Link to comment https://forums.phpfreaks.com/topic/115196-solved-phpsessid/#findComment-592329 Share on other sites More sharing options...
waynew Posted July 17, 2008 Author Share Posted July 17, 2008 I understand. It's just that I found an xss exploit on a website that I have to fix up (noticed they weren't stripping GET values) and was wondering what danger it posed. I'll have to sort something out then. Quote Link to comment https://forums.phpfreaks.com/topic/115196-solved-phpsessid/#findComment-592336 Share on other sites More sharing options...
MadTechie Posted July 17, 2008 Share Posted July 17, 2008 XSS on a GET, humm.. well i guess someone could send a link via email that uses it, redirect to another site or deface the site or maybe even get their login details.. depends on the site and whats not filtered.. if PHPSESSID is not sanitized then i don't think thats a problem .. unless your displaying it.. Quote Link to comment https://forums.phpfreaks.com/topic/115196-solved-phpsessid/#findComment-592347 Share on other sites More sharing options...
unkwntech Posted July 17, 2008 Share Posted July 17, 2008 If they are passing data for SQL queries via GET then an SQL injection could be done. Example: $sql = SELECT * FROM users WHERE username='" . $_GET['username'] . "'"; Suppose i changed .php?username=myUsername to somthing like .php?username=INNER JOIN SELECT * FROM USERS of course its going to be a bit harder, i hope, but you could expose alot of informtion. Not to mention if its a windows server with mssql I know of a dozen or so current exploits that would allow me to gain access as administrator via rdc. So there are alot of potential problems. Consider what if that database I just queried contains Credit Card info... or worse. Quote Link to comment https://forums.phpfreaks.com/topic/115196-solved-phpsessid/#findComment-592416 Share on other sites More sharing options...
waynew Posted July 17, 2008 Author Share Posted July 17, 2008 I know. The security is very low on it. Something is going to have to be done to filter out all external data because at the moment it seems like a simple OR would blow it over. Quote Link to comment https://forums.phpfreaks.com/topic/115196-solved-phpsessid/#findComment-592418 Share on other sites More sharing options...
unkwntech Posted July 17, 2008 Share Posted July 17, 2008 Switch as much as you can to either $_POST or $_SESSION, or even $_COOKIE. Obviously cookies are better then post and sessions are better then cookies. Quote Link to comment https://forums.phpfreaks.com/topic/115196-solved-phpsessid/#findComment-592423 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.