Jump to content

Archived

This topic is now archived and is closed to further replies.

Ninjakreborn

security issue with case switch

Recommended Posts

I saw a huge post on here one time, about someone who was hacked, and asking for help.  After about 20-30 people on the forum examined his code, they discovered a case switch as a vunerability, I just realized I have used case switch statements(more of as a test), for almost this entire system I have created.  This advertising system, I have most pages with case statements, based on category, sub-category.  posts, and various other thing, with like a switch case statement,a nd in between each case, hundreds of lines of programming.  Is there any vunerabilities I should watch out for, with case switch statements?

Share this post


Link to post
Share on other sites
i think the thread you were referring to was the dude who based his includes on a switch with a GET variable. 

The solution was to have a predefined array of what was deemed an acceptable value in the variable, and to check the variable against the array, and only include stuff afterwards.

That is, if it's "that thread" I think you're talking about.

Share this post


Link to post
Share on other sites
There is no inherit issue with a switch... after all, its just a mechanism for making a descision. However, the outcome of those decisions could be considered a security issue if your not sure what you doing.

Share this post


Link to post
Share on other sites
I don't think you will have much to worry about as the two above have pointed out. The important part is where is the information comming from that goes into the switch. Can a user of the webpage alter this information and if the information is altered would this matter to what you are doing.

ie alter as in $_GET, $_POST, $_COOKIE

Share this post


Link to post
Share on other sites
actually yes they are, but they are post information coming from a get, or post variable.  I have 8 tables
postset1
postset2
...
postset8
and that postset number is set throughout the site, in url's and forms to pass what information along.  Like when they can edit, delete posts, it goes to a page with a case switch statement, deciding which post, userid, and postid, to pull the post from, then it updates it based on the switch on $postset

and yes that was the exact post I was speaking of.

[b]POST MERGED BY WILDTEEN88: Please learn to use the edit button. DO NOT DOUBLE post. EVen to bump your thread too! You only bump your thread when its a a couple of hours old[/b]

Share this post


Link to post
Share on other sites
You should validate the postset then. Making sure it is of a numeric value by using is_numeric and making sure postset doesnt exceed the number 8, like so:
[code=php:0]if(is_numeric($_GET['postset']) && ($_GET['postset'] <= '8'))
{
    // postset is safe!
}[/code]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.