Jump to content

Recommended Posts

Hi, below is my coding for my search.php. I am aware that it is exposed to risks, I am new to PHP and was hoping that somebody could help me with the coding to reduce these risks?

 

Thanks

 

<?php

//get data
$button = (isset($_GET['submit'])) ? $_GET['submit'] : "default_value";
$search = (isset($_GET['search'])) ? $_GET['search'] : "default_value";

if (!$button)
{
   echo "You didn't submit a keyword.";
}
else
{
   if (strlen($search)<=2)
   {
      echo "Search term too short.";
   }
   else
   {
      echo "You searched for <b>$search</b><hr size='1'>";
      //connect to our database
      mysql_connect("localhost","root","");
      mysql_select_db("jobjar");
      //explode our search term
      $search_exploded = explode(" ",$search);

      foreach($search_exploded as $search_each)
      {
         //construct query
	 $x = 0;
$construct = "";
         $x++;
         if ($x==1)            
         {
            $construct .= " Keywords LIKE '%$search_each%'";
         }
         else
         {
            $construct .= " OR Keywords LIKE '%$search_each%'";
         }
      }
   
      //echo out construct
      $construct = "SELECT * FROM jobs WHERE $construct";
      $run = mysql_query($construct);
      $foundnum = mysql_num_rows($run);

      if ($foundnum==0)
      {
         echo "No jobs found.";
      }
      else
      {
         echo "$foundnum found!<p><br>";
   
         while ($runrows = mysql_fetch_assoc($run))
         {
            //get data
            $Title = $runrows['Title'];
            $Location = $runrows['Location'];
            $Salary = $runrows['Salary'];
            $Sector = $runrows['Sector'];
            $JobType = $runrows['Job Type'];
            $Duration = $runrows['Duration'];
            $JobRef = $runrows['Job Ref'];
            $Description = $runrows['Description'];
      
            echo "<b>Title:</b> $Title<br> 
            <b>Location:</b> $Location<br> 
            <b>Salary:</b> $Salary<br>
            <b>Sector:</b> $Sector<br>
            <b>Job Type:</b> $JobType<br>
            <b>Duration:</b> $Duration<br>
            <b>Job Ref:</b> $JobRef<br>
            <b>Description:</b> $Description<p><br>";
         }
      }
   }
}


?>

Link to comment
https://forums.phpfreaks.com/topic/171985-solved-php-coding-exposed-to-risks/
Share on other sites

First of all make a designated mysql user for that project/database you are using.  I am assuming though for now you're using root for development purposes.

 

Use "mysql_real_escape_string($Variable);" for all the variables that come from user input.

 

http://us2.php.net/manual/en/function.mysql-real-escape-string.php

if (!$button) is never true because it's either the value of $_GET['submit'] or the default_value. Use instead:

 

$button = (isset($_GET['submit'])) ? $_GET['submit'] : null;

 

To secure your application validate the input apply what you know for example if search may only contain alphabetic characters use:

 

if (!ctype_alpha($search)) {//invalid does contain characters not found in the alphabet

 

Search must contain a certain length?

 

if (!isset($search[5])) {//invalid must be atleast 6 characters long (strings are zero-based if you wonder why 5)

First of all make a designated mysql user for that project/database you are using.  I am assuming though for now you're using root for development purposes.

 

Use "mysql_real_escape_string($Variable);" for all the variables that come from user input.

 

http://us2.php.net/manual/en/function.mysql-real-escape-string.php

 

So where would I insert that code?

<?php

//get data
$button = (isset($_GET['submit'])) ? $_GET['submit'] : "default_value";
$search = (isset($_GET['search'])) ? $_GET['search'] : "default_value";

if (!$button)
{
   echo "You didn't submit a keyword.";
}
else
{
   if (strlen($search)<=2)
   {
      echo "Search term too short.";
   }
   else
   {
      echo "You searched for <b>$search</b><hr size='1'>";
      //connect to our database
      mysql_connect("localhost","root","");
      mysql_select_db("jobjar");
      
      $button = mysql_real_escape_string($button);
      $search = mysql_real_escape_string($search);


      //explode our search term
      $search_exploded = explode(" ",$search);

      foreach($search_exploded as $search_each)
      {
         //construct query
       $x = 0;
$construct = "";
         $x++;
         if ($x==1)            
         {
            $construct .= " Keywords LIKE '%$search_each%'";
         }
         else
         {
            $construct .= " OR Keywords LIKE '%$search_each%'";
         }
      }
   
      //echo out construct
      $construct = "SELECT * FROM jobs WHERE $construct";
      $run = mysql_query($construct);
      $foundnum = mysql_num_rows($run);

      if ($foundnum==0)
      {
         echo "No jobs found.";
      }
      else
      {
         echo "$foundnum found!<p><br>";
   
         while ($runrows = mysql_fetch_assoc($run))
         {
            //get data
            $Title = $runrows['Title'];
            $Location = $runrows['Location'];
            $Salary = $runrows['Salary'];
            $Sector = $runrows['Sector'];
            $JobType = $runrows['Job Type'];
            $Duration = $runrows['Duration'];
            $JobRef = $runrows['Job Ref'];
            $Description = $runrows['Description'];
      
            echo "<b>Title:</b> $Title<br> 
            <b>Location:</b> $Location<br> 
            <b>Salary:</b> $Salary<br>
            <b>Sector:</b> $Sector<br>
            <b>Job Type:</b> $JobType<br>
            <b>Duration:</b> $Duration<br>
            <b>Job Ref:</b> $JobRef<br>
            <b>Description:</b> $Description<p><br>";
         }
      }
   }
}
?>

 

As far as I see by glancing at it, only $button and $search are from GET so I did it right under the mysql connect.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.