
[SOLVED] Can someone just check this code for me?


merylvingien


Hi fellas, I'm back with yet another silly problem. Whilst doing some checks I have noticed a security hole in my code that I am trying to patch up.

If I manipulate a sign up page, I can overwrite the database where it shouldn't be able to do so, and if I can do it, loads of other people can LOL

So I put in place a check that stops this, but it's not quite right. The output is messy.

Here is the code block I have:

 

if (isset($_POST['signupID'])) {
    foreach ($_POST['signupID'] as $item) {
        // Cast to int so the posted value cannot alter the query
        $item = (int) $item;
        $sql = "SELECT pagestate FROM postcode WHERE postcodeID=$item";
        // Run the query once and raise an error if it fails
        $result = mysql_query($sql) or trigger_error("SQL: $sql, ERROR: " . mysql_error(), E_USER_ERROR);

        $row2 = mysql_fetch_assoc($result);
        if ($row2['pagestate'] === 'T') {
            // Inside the foreach, so this is echoed once per posted $item
            echo "<p>You have tried to cheat!</p>";
        } else {
            // everything is ok: insert into database
        }
    }
    // echo some stuff
    // mail some stuff
}

 

If I try and hack my site, that check prevents it from happening, but it outputs "You have tried to cheat!" as many times as there is a $item posted. I understand that it's because it is in the code block foreach!

But I am scratching my ass trying to work out how to do it so it checks all $item and only posts the message once without echoing "somestuff"

Any help!!! It's something simple I know and I make myself look very stupid every time I post something on here...

This is perhaps what you are asking for when using your current code:

if (isset($_POST['signupID'])) {

    $cheater = false;

    foreach ($_POST['signupID'] as $item) {
        // Cast to int so the posted value cannot alter the query
        $item = (int) $item;
        $sql = "SELECT pagestate FROM postcode WHERE postcodeID=$item";
        // Run the query once and raise an error if it fails
        $result = mysql_query($sql) or trigger_error("SQL: $sql, ERROR: " . mysql_error(), E_USER_ERROR);

        $row2 = mysql_fetch_assoc($result);
        if ($row2['pagestate'] === 'T') {
            $cheater = true; // remember the failure, report it after the loop
        } else {
            // everything is ok: insert into database
        }
    }

    // Outside the foreach, so the message is echoed at most once
    if ($cheater == true) {
        echo "You have tried to cheat!";
    }

    // echo some stuff
    // mail some stuff
}

Thanks fellas, I tried the $item = mysql_escape_string($item) and that didn't work and I tried the last one and that outputs "You have tried to cheat!" again and again like before, at least I don't have the other output showing now LOL

I also realised that I didn't need to have the

if(isset($_POST['signupID'])) {

in there as it will always be set by the time this page is reached.

So now I have

 

$cheater = false;
foreach ($_POST['signupID'] as $item) {
    // Cast to int so the posted value cannot alter the query
    $item = (int) $item;
    $sql = "SELECT pagestate FROM postcode WHERE postcodeID=$item";
    // Run the query once and raise an error if it fails
    $result = mysql_query($sql) or trigger_error("SQL: $sql, ERROR: " . mysql_error(), E_USER_ERROR);

    $row2 = mysql_fetch_assoc($result);
    if ($row2['pagestate'] === 'T') {
        $cheater = true;
    } else {
        $sql = "insert into database";
        $result = mysql_query($sql) or trigger_error("SQL: $sql, ERROR: " . mysql_error(), E_USER_ERROR);
    }

    // Still inside the foreach, so this block runs once per posted $item
    if ($cheater == true) {
        echo "You have tried to cheat!";
    } else if ($cheater == false) {
        echo "<h2>Final stage complete!</h2><p>Thank you for joining</p><br>
<p>A confirmation email has been dispatched to your inbox.</p>
<p>If you do not receive this email, please check your spam filter and allow emails to be received from</p>";
    }

    // mail(...);
    // mail(...);
}
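
An added example, not part of any post in this thread: one way to validate every posted ID before anything is written, so a rejected request leaves no partial inserts and the outcome is reported once. It uses PDO prepared statements on an in-memory SQLite database instead of the thread's mysql_* calls; the `signups` table, `claimPostcodes()`, the user ID, the 'F' state and the sample rows are assumptions made for illustration.

```php
<?php
// `postcode`, `postcodeID`, `pagestate` and the 'T' value come from the posts;
// the `signups` table, claimPostcodes() and the sample rows are hypothetical.
function claimPostcodes(PDO $db, array $postedIds, int $userId): bool
{
    // Accept only digit strings; anything else means the form was altered.
    $ids = [];
    foreach ($postedIds as $raw) {
        if (!is_string($raw) || !ctype_digit($raw)) {
            return false;
        }
        $ids[] = (int) $raw;
    }
    $ids = array_values(array_unique($ids));
    if ($ids === []) {
        return false;
    }

    $db->beginTransaction();
    // Pass 1: check every ID before writing anything. Unknown IDs are rejected too.
    $marks = implode(',', array_fill(0, count($ids), '?'));
    $check = $db->prepare(
        "SELECT COUNT(*) FROM postcode WHERE postcodeID IN ($marks) AND pagestate <> 'T'"
    );
    $check->execute($ids);
    if ((int) $check->fetchColumn() !== count($ids)) {
        $db->rollBack();
        return false;
    }
    // Pass 2: every ID passed the check, so record them all.
    $insert = $db->prepare('INSERT INTO signups (userID, postcodeID) VALUES (?, ?)');
    foreach ($ids as $id) {
        $insert->execute([$userId, $id]);
    }
    $db->commit();
    return true;
}

// Constructed sample data: postcode 2 is in state 'T', 1 and 3 are not.
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec("CREATE TABLE postcode (postcodeID INTEGER PRIMARY KEY, pagestate TEXT)");
$db->exec("CREATE TABLE signups (userID INTEGER, postcodeID INTEGER)");
$db->exec("INSERT INTO postcode VALUES (1, 'F'), (2, 'T'), (3, 'F')");

foreach ([['1', '3'], ['1', '2'], ['not-a-number']] as $posted) {
    echo claimPostcodes($db, $posted, 7)
        ? "<h2>Final stage complete!</h2>\n"
        : "<p>You have tried to cheat!</p>\n"; // one message per request
}
```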

 
