jagguy Posted July 1, 2007

Hi, I am developing a website with login and password, session vars etc. The site allows uploads and downloads of small (<3 MB) files and allows messages to be uploaded. Now I use MySQL as well for all this storage.

q) What are some of the security concerns I haven't addressed?

q) What about this (I asked this before with no response), but it looks critical to my needs. On the PHP manual it says:

Note: If you are not experienced with session programming it is not recommended that you use sessions on a website that requires high security, as there are security holes that take some advanced techniques to plug.
clanstyles Posted July 1, 2007

Yeah, sessions are the safest by far. You can't mess them up; they can't be "manipulated" like cookies can to give you access. Also, with security issues, the only one would be XSS, Cross Site Scripting. To stop that just do this around strings before putting them into your database:

trim(mysql_real_escape_string(strip_tags($str)));
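An added example, written by the editor and not posted by anyone in this thread, of the two controls that actually address the problems being discussed: a prepared statement for the SQL side (in place of the mysql_real_escape_string() call above, which only escapes for string-concatenated SQL) and HTML encoding at output time for the XSS side. It assumes a PDO connection; an in-memory SQLite database stands in for the site's MySQL server so the script runs offline, and the message payloads are constructed for the demonstration.

```php
<?php
// Editor's example, not code from the thread. Assumes a `messages(id, title, body)` table.

// Stand-in for the MySQL connection: same PDO API, no server needed to try this.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE messages (id INTEGER PRIMARY KEY, title TEXT, body TEXT)');
// For MySQL the equivalent would be: id INT AUTO_INCREMENT PRIMARY KEY.

function saveMessage(PDO $pdo, string $title, string $body): int
{
    // Prepared statement: the values never become part of the SQL text, so no
    // escaping is required and the stored text is exactly what the user sent.
    $stmt = $pdo->prepare('INSERT INTO messages (title, body) VALUES (:title, :body)');
    $stmt->execute([':title' => trim($title), ':body' => trim($body)]);
    return (int) $pdo->lastInsertId();
}

// Encode for an HTML text node or a double-quoted attribute value.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function renderMessage(array $row): string
{
    // Encode every untrusted value at the point it is placed into HTML.
    return '<h2>' . h($row['title']) . '</h2>'
         . '<p>' . nl2br(h($row['body'])) . '</p>' . "\n";
}

// Constructed payloads of the kind strip_tags() would mangle but not neutralise.
$id = saveMessage($pdo,
    '<script>alert(document.cookie)</script>',
    "Nice site! <img src=x onerror=\"alert(1)\">\nAlso: 1 < 2 and \"quotes\" survive.");

$stmt = $pdo->prepare('SELECT id, title, body FROM messages WHERE id = :id');
$stmt->execute([':id' => $id]);
echo renderMessage($stmt->fetch(PDO::FETCH_ASSOC));
// The output contains &lt;script&gt; and &lt;img ...&gt;: the browser shows the
// markup as text and runs nothing. strip_tags() at input time, by contrast, would
// destroy "1 < 2" for legitimate users and still leave a string such as
// '">' intact, which breaks out of an attribute if the value is later inserted raw.
```

The rule of thumb this illustrates: keep the stored data untouched (prepared statements), and apply the encoding that matches the output context (HTML here) when the data is displayed. A SQL escaping function has no bearing on what a browser executes.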
jagguy Posted July 1, 2007 Author

Ok I will check this out:

trim(mysql_real_escape_string(strip_tags($str)));

I found this article and I don't use cookies for now.

http://phpsec.org/projects/guide/4.html

As for security there are things here that baffle me, like from this article above I don't get why they ask for the password again. Is this on every page that uses sessions?

session_start();
if (isset($_SESSION['HTTP_USER_AGENT'])) {
    if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) {
        /* Prompt for password */
        exit;
    }
} else {
    $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
}

my code is like --

session_start();
if (!isset($_SESSION['uid'])) {
    // the redirect must be sent before any output, so the echo comes after this check
    header("Location: http://localhost/school/test/login.php");
    exit;
}
echo $_SESSION['uid'];
jagguy Posted July 2, 2007 Author

> Cross Site Scripting. To stop that just do this around strings before putting them into your database.

Hi, I did this but my script failed to run with no output. It works if I take them out. Why does this crash my script?

// the return value has to be assigned; on its own the call does nothing
$comment = trim(mysql_real_escape_string(strip_tags($comment)));
$title   = trim(mysql_real_escape_string(strip_tags($title)));
king arthur Posted July 2, 2007

> As for security there are things here that baffle me, like from this article above I don't get why they ask for the password again. Is this on every page that uses sessions?
>
> session_start();
> if (isset($_SESSION['HTTP_USER_AGENT'])) {
>     if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) {
>         /* Prompt for password */
>         exit;
>     }
> } else {
>     $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
> }

What this is doing is checking that the user agent currently using this session is the same as the one that previously used it, i.e. it is attempting to prevent session hijacking. If the session ID is propagated in the URL instead of being stored in a cookie, that session could be hijacked by someone accessing the site with the same session ID in the URL. But the chances are their user agent would be different, so the above code would lock them out.
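An added example from the editor, not code from the thread or from the phpsec.org guide, that puts the user-agent check into context: the reply above explains that it only catches a hijacker whose browser differs, so it is paired here with the controls that close the hole it is guarding against, cookie-only session IDs and a fresh ID at login. The checkPassword() helper and its stored hash are assumptions standing in for the site's own users table; the 30-minute idle limit is an arbitrary choice.

```php
<?php
// Editor's example, not code from the thread. Include at the top of every page,
// before any output, since header() cannot be sent once output has started.

// 1. Session ID travels only in a cookie, never in the URL, and scripts can't read it.
ini_set('session.use_only_cookies', '1');
ini_set('session.use_trans_sid', '0');
ini_set('session.cookie_httponly', '1');
// ini_set('session.cookie_secure', '1');   // turn on once the site is served over HTTPS
session_start();

const IDLE_LIMIT = 1800;   // seconds; arbitrary value for the example

// Stand-in for the site's own credential check (assumed, not on the page).
// A real site stores password_hash() output in the users table at registration.
function checkPassword(string $user, string $password): bool
{
    $hashes = ['alice' => password_hash('correct horse', PASSWORD_DEFAULT)];  // constructed
    return isset($hashes[$user]) && password_verify($password, $hashes[$user]);
}

function userAgentHash(): string
{
    return hash('sha256', $_SERVER['HTTP_USER_AGENT'] ?? '');
}

function login(string $user, string $password): bool
{
    if (!checkPassword($user, $password)) {
        return false;
    }
    // 2. Fixation defence: issue a new ID when the session gains privileges, so an ID
    //    an attacker planted (or sniffed) before login is not the one that is logged in.
    session_regenerate_id(true);
    $_SESSION['uid']       = $user;
    $_SESSION['ua_hash']   = userAgentHash();   // the phpsec check, as one extra signal
    $_SESSION['last_seen'] = time();
    return true;
}

function requireLogin(string $loginUrl = '/login.php'): void
{
    $ok = isset($_SESSION['uid'], $_SESSION['ua_hash'], $_SESSION['last_seen']);

    // 3. User-agent mismatch: cheap to check, but weak on its own, because whoever
    //    stole the cookie can send the same User-Agent header.
    if ($ok && !hash_equals($_SESSION['ua_hash'], userAgentHash())) {
        $ok = false;
    }
    // 4. Idle timeout: a session left open on a shared machine stops working.
    if ($ok && time() - $_SESSION['last_seen'] > IDLE_LIMIT) {
        $ok = false;
    }
    if (!$ok) {
        $_SESSION = [];
        session_destroy();
        header('Location: ' . $loginUrl);
        exit;
    }
    $_SESSION['last_seen'] = time();
}

function logout(): void
{
    $_SESSION = [];
    session_destroy();
}
```

Usage: call login() from the login form handler and requireLogin() at the top of every protected page (the place where jagguy's `if (!isset($_SESSION['uid']))` check sits). The "prompt for password" branch in the guide is the same idea as the redirect here: a session whose fingerprint changed is treated as not logged in rather than trusted.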
jagguy Posted July 3, 2007 Author

Hi, thanks for the information. What about the Cross Site Scripting? How do I fix this?
jagguy Posted July 3, 2007 Author

q) I have files stored in a dir that can be accessed by a URL (eg .txt, .doc files). How do I stop people from accessing these unless they have the required login?
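The question above received no answer in the thread. As an added example from the editor, not from any poster, this is the usual pattern for it: keep the uploaded files in a directory the web server does not serve, and hand them out through a script that checks the session first. The directory path, the `?f=` parameter name and the `files` ownership table are assumptions for the example; the login check reuses `$_SESSION['uid']` from jagguy's own code.

```php
<?php
// Editor's example, not code from the thread. download.php?f=<stored name>

// Assumed location, outside the document root so no URL maps to it directly.
define('UPLOAD_DIR', '/var/www/private_uploads');

session_start();
if (!isset($_SESSION['uid'])) {
    header('Location: /login.php');
    exit;
}

// Assumed ownership check against a `files(owner, stored_name)` table; here a
// constructed map stands in for the query so the logic is visible.
function userMayRead(string $uid, string $storedName): bool
{
    $owners = ['report.txt' => 'alice', 'notes.doc' => 'bob'];   // constructed
    return isset($owners[$storedName]) && $owners[$storedName] === $uid;
}

// Resolve the requested name safely. basename() drops any directory part, and the
// resolved path must still sit inside UPLOAD_DIR, so "../../etc/passwd" cannot escape.
function resolveUpload(string $requested): ?string
{
    $name = basename($requested);
    if ($name === '' || $name === '.' || $name === '..') {
        return null;
    }
    $base = realpath(UPLOAD_DIR);
    $path = realpath(UPLOAD_DIR . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0 || !is_file($path)) {
        return null;
    }
    return $path;
}

// Types the site is willing to name; anything else is sent as an opaque download.
const ALLOWED_TYPES = [
    'txt' => 'text/plain',
    'doc' => 'application/msword',
    'pdf' => 'application/pdf',
];

function sendFile(string $path): void
{
    $ext  = strtolower(pathinfo($path, PATHINFO_EXTENSION));
    $type = ALLOWED_TYPES[$ext] ?? 'application/octet-stream';
    header('Content-Type: ' . $type);
    header('Content-Length: ' . filesize($path));
    // "attachment" plus nosniff keeps an uploaded .txt that contains HTML from being
    // rendered as a page on this site's origin, which would be stored XSS via upload.
    header('Content-Disposition: attachment; filename="' . basename($path) . '"');
    header('X-Content-Type-Options: nosniff');
    readfile($path);
}

$name = basename($_GET['f'] ?? '');
$path = resolveUpload($name);
if ($path === null || !userMayRead($_SESSION['uid'], $name)) {
    http_response_code(404);   // same answer for "missing" and "not yours"
    exit('Not found');
}
sendFile($path);
```

If the files cannot be moved out of the document root, the fallback is to block direct access to that directory at the web server (for Apache, a `.htaccess` in the upload directory containing `Deny from all`, or `Require all denied` on 2.4) and still route every download through a script like this one; the script reads the file from disk, so the deny rule does not affect it.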