clown[NOR] Posted April 11, 2007 Share Posted April 11, 2007 i added my test site to the beta test forum, and one of the replies i got was: Well, your login is very easy to bypass, and you're open to XSS in your entries. You'll notice that I entered a test movie with some javascript in the review that pops up in the first screen. Also, you're open to SQL injection in your ORDER BY clause when you sort by something. how can i fix this? Quote Link to comment Share on other sites More sharing options...
rpadilla Posted April 11, 2007 Share Posted April 11, 2007 You'll need to read more about security and stuff, its a bit complicated, best way is get a free forum script and make sure its updated. cheers Quote Link to comment Share on other sites More sharing options...
clown[NOR] Posted April 11, 2007 Author Share Posted April 11, 2007 well... this was for my "My Favorite Movie" script =) hehe.... but anyway... could something like this done the trick agains the SQL injection? done some google searches on that and on wikipedia.org they used this exact code (only change is the variable and table name) $result = mysql_query ( "select * from mfm_users where username = '" . mysql_real_escape_string($mfm_USER) . "'" ); Quote Link to comment Share on other sites More sharing options...
gluck Posted April 11, 2007 Share Posted April 11, 2007 Google SQL Injection Quote Link to comment Share on other sites More sharing options...
clown[NOR] Posted April 11, 2007 Author Share Posted April 11, 2007 you didnt read my post did you gluck? well... this was for my "My Favorite Movie" script =) hehe.... but anyway... could something like this done the trick agains the SQL injection? done some google searches on that and on wikipedia.org they used this exact code (only change is the variable and table name) Quote Link to comment Share on other sites More sharing options...
obsidian Posted April 11, 2007 Share Posted April 11, 2007 Clown, to make sure that someone has something valid in there, all you really have to do is something like this: <?php if (isset($_POST['username']) && isset($_POST['password'])) { $user = trim($_POST['username']); $pass = trim($_POST['password']); if (empty($user) || empty($pass)) { // error out - empty strings being submitted } else { $q = "SELECT * FROM userTable WHERE username = '" . mysql_real_escape_string($user) . "' AND password = MD5('" . mysql_real_escape_string($pass) . "')"; // Check your results here } } ?> Hope this helps. Quote Link to comment Share on other sites More sharing options...
clown[NOR] Posted April 11, 2007 Author Share Posted April 11, 2007 yup it did... had made something simular ... but that one looked nicer, and had less lines... so I'm using it...thanks for the help Quote Link to comment Share on other sites More sharing options...
![clown[NOR]](data:image/svg+xml,%3Csvg%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%20viewBox%3D%220%200%201024%201024%22%20style%3D%22background%3A%2362c464%22%3E%3Cg%3E%3Ctext%20text-anchor%3D%22middle%22%20dy%3D%22.35em%22%20x%3D%22512%22%20y%3D%22512%22%20fill%3D%22%23ffffff%22%20font-size%3D%22700%22%20font-family%3D%22-apple-system%2C%20BlinkMacSystemFont%2C%20Roboto%2C%20Helvetica%2C%20Arial%2C%20sans-serif%22%3EC%3C%2Ftext%3E%3C%2Fg%3E%3C%2Fsvg%3E)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.