Jump to content

Recommended Posts

basicly what I'm doing, I'm working on a registration form, and I want it to be as secure as possible, so I don't becoma victim of SQL Injection and other stuff... So this is what I've got so far..

 

<?php

global $error;
$regUser = $_POST['username'];
$regPass1 = $_POST['pass1'];
$regPass2 = $_POST['pass2'];
$regName = $_POST['name'];
$regBorn = $_POST['month'] . "-" . $_POST['day'] . "-" . $_POST['year'];
$regGender = $_POST['gender'];
$regCountry = $_POST['country'];
$regCity = $_POST['city'];
$regEmail = $_POST['email'];
$regWebsite = $_POST['website'];

$error = array();
// Look for empty fields
if (empty($regUser)) { $error[] = "You did not enter a username"; }
if (empty($regPass1)) { $error[] = "You did not enter a main password"; }
if (empty($regPass2)) { $error[] = "You did not enter a confirmation password"; }
if (empty($regName)) { $error[] = "You did not enter your name"; }
if (empty($regEmail)) { $error[] = "You did not enter your email"; }

// Confirm password
if ($regPass1 != $regPass2) { $error[] = "Passwords didn't match"; }

// Check if the length is ok on requested fields
if (strlen($regUser) > 10) { $error[] = "Your username must contain less than 10 characters"; }
if (strlen($regUser) < 4) { $error[] = "Your username must contain more than 4 characters"; }
if (strlen($regPass1) < 6) { $error[] = "Your password must contain more than 6 charaters"; }
if (strlen($regPass) > 10) { $error[] = "Your password must contain less than 10 characters"; }

// Strip for any tags
$regUser = strip_tags($regUser);
$regPass1 = strip_tags($regPass1);
$regPass2 = strip_tags($regPass2);
$regName = strip_tags($regName);
$regCountry = strip_tags($regCountry);
$regCity = strip_tags($regCity);
$regEmail = strip_tags($regEmail);
$regWebsite = strip_tags($regWebsite);

// Replace "bad" characters
$regBadChars = array("'", "\\", "\"");
$regUser = str_replace($regBadChars, "", $regUser);
$regPass1 = str_replace($regBadChars, "", $regPass1);
$regPass2 = str_replace($regBadChars, "", $regPass2);
$regName = str_replace($regBadChars, "", $regName);
$regCountry = str_replace($regBadChars, "", $regCountry);
$regCity = str_replace($regBadChars, "", $regCity);
$regEmail = str_replace($regBadChars, "", $regEmail);
$regWebsite = str_replace($regBadChars, "", $regWebsite);

if (!empty($error)) {
	header("Location: index.php?view=signup");
} else { 
	echo "No errors!";
}

?>

 

I know I porbably should have use preg_replace or something like that instead of str_replace, but I just can figure out how to use it properly... can you guys see any thing that makes my script unsecure?

 

Thanks In Advance

- Clown

Link to comment
https://forums.phpfreaks.com/topic/46981-solved-help-need-to-secure-my-form/
Share on other sites

Waiting 1.5 hours for an answer to your question is not very long. You can bump your question if no one has replied in 3 to 4 hours, but when you mark it "solved", you almost guarantee that you will not get an answer.

 

Ken

yeah... but it wasnt really that important ... was just a quick question... and my post was dropping on the list anyway.. lot's of new replies but none on mine... so I just marked it as solved... but when you were in here reading the post it would have been nice if you might dropped 2-3 ideas on how to make it more secure =)

mysql_real_escape_string.  It's the most useful anti-injection function out there.  You can use mysql_escape_string as well, but mysql_real_escape_string will respect the current character set that is being used in the database.  (Note that mysql_real_escape_string can only be used after there is a database connection resource).

their was a bug with mysql_real_escape_string

 

E.1.7. Changes in release 5.0.22 (24 May 2006)

 

Bugs fixed:

 

    *      Security fix: An SQL-injection security hole has been found in multi-byte encoding processing. The bug was in the server, incorrectly parsing the string escaped with the mysql_real_escape_string() C API function. (CVE-2006-2753, Bug#8378)

 

check your up-to-date

 

basically it didn't filter chr(0xbf) or chr(0x27)

He's quoting information from a changelog.  Obviously the MySQL release prior to 5.0.22 had a bug in the mysql_real_escape_string, as it was not properly dealing with two characters.  Just make sure you keep your MySQL server updated.  As far as I know, this exploit wasn't in MySQL 4, so if you're still on that, you should be fine...but you can upgrade to the newest MySQL server anyways just for improved functionality.

well i'm getting my own domain now... but until I get my pay check I'm just using wamp...and wamp's using 5.0.27... and the host I'm going to use have 4 something.. and I think they have, or is about to upgrade to 5.0.27 or something like that

This will stop sql injection but limits the input, i normallt use this for the login, but remember the security holes are normally in the hidden little place you didn't notice and rarely in the place you add all you cool protection scripts

 

<?php
function paranoid($string)
{
  $string = preg_replace("/[^a-zA-Z0-9]/", "", $string);
  return $string;
}

?>

thanks MadTechie

 

i really need to learn that preg, ereg, regex and so on... as I said in the first post... I've been reading x numbers of tutorials and "how to's"... but I jsut cant get it to work... anyone knows a really good tutorial that actually breaks the whole thing up in small pieces and explains what basicly every single thing does?

<?php
function paranoid($string)
{
  $string = preg_replace("/[^a-zA-Z0-9]/", "", $string);
  return $string;
}

?>

 

I'm learning myself, infact i have to learn it now due to a project i am on,

 

heres a quick break down

 

$string = preg_replace("/[a-zA-Z0-9]/", "", $string);

 

replace all characters within the ranges a-z and A-Z and 0-9 with "" (nothing)

But i used ^ this mean excluding so

$string = preg_replace("/[^a-zA-Z0-9]/", "", $string);

replace all characters EXCEPT characters within the ranges a-z and A-Z and 0-9 with "" (nothing)

 

the / are delimiter this just tells the preg_replace where to start and end

the [ means starting a range and ] means ending a range

 

of course theirs alot more too it and this is kinda basic... :o

but i'm gettng their  ;D

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.