MySQL Injection


lpxxfaintxx


Any data set in $_SESSION variable should be completely trustworthy as you are the one that sets the session data after all! All session data is stored on the server so the user can not see what session data is being set while they are browsing your site. The only thing you'll want to be wary of with sessions is session fixation.

[quote=lpxxfaintxx @ Apr 10 2006, 03:08 PM]
Would adding addslashes and strip_tags to $_POST and $_GET's prevent MySQL injection? If not, what else can I do to improve my site's security?

Concerned Web Master,

LPXXFAINTXX
[/quote]
The best and easiest way to do it is:
[code]mysql_real_escape_string($_POST['value']) // (or $_GET)[/code]
more info:
http://php.net/manual/en/function.mysql-real-escape-string.php
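As an added example (not code posted in this thread), here is the vulnerable concatenated query next to the escaped form the reply above recommends, and next to a prepared statement, which is the form to prefer today. It goes a step beyond the reply by also covering an unquoted numeric value, where escaping quotes does not help. It uses the mysqli extension because the mysql_* functions were removed in PHP 7; the table name, column names and connection credentials are assumed.

```php
<?php
// Added example, not code from the thread. Assumes a mysqli connection to a
// database with a table `users(id INT, name VARCHAR(64))`; the credentials
// below are placeholders.
$db = new mysqli('localhost', 'app_user', 'app_password', 'appdb');
// real_escape_string() is charset-aware, so fix the connection charset first.
$db->set_charset('utf8mb4');

// 1. Vulnerable: untrusted input is pasted straight into the SQL text, so a
//    quote in $name ends the string literal and the rest becomes SQL.
function find_user_vulnerable(mysqli $db, string $name)
{
    $sql = "SELECT id, name FROM users WHERE name = '" . $name . "'";
    return $db->query($sql);
}

// 2. Escaped: the fix recommended above, using the mysqli equivalent of
//    mysql_real_escape_string(). This only protects values that sit inside
//    quotes in the query text.
function find_user_escaped(mysqli $db, string $name)
{
    $safe = $db->real_escape_string($name);
    $sql  = "SELECT id, name FROM users WHERE name = '" . $safe . "'";
    return $db->query($sql);
}

// 3. Prepared statement: the SQL text and the value are sent separately, so
//    there is no escaping rule to get wrong and no quoting to forget.
function find_user_prepared(mysqli $db, string $name): array
{
    $stmt = $db->prepare('SELECT id, name FROM users WHERE name = ?');
    $stmt->bind_param('s', $name);
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}

// 4. Numeric context: `WHERE id = $id` has no quotes, so escaping quotes does
//    nothing for a value such as "1 OR 1=1". Casting to int and binding an
//    integer parameter closes that gap.
function find_user_by_id(mysqli $db, string $rawId): array
{
    $id = (int) $rawId;                   // "1 OR 1=1" becomes 1
    $stmt = $db->prepare('SELECT id, name FROM users WHERE id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}

// Usage with form input (constructed values stand in for $_POST here).
$post = ['name' => "O'Brien", 'id' => '7'];
print_r(find_user_prepared($db, $post['name']));
print_r(find_user_by_id($db, $post['id']));
```

Note that get_result() needs the mysqlnd driver, which is the default in PHP builds since 5.4; on older builds use bind_result() instead.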

[quote=wildteen88 @ Apr 11 2006, 10:15 AM]
Any data set in $_SESSION variable should be completely trustworthy as you are the one that sets the session data after all! All session data is stored on the server so the user can not see what session data is being set while they are browsing your site. The only thing you'll want to be wary of with sessions is session fixation.
[/quote]

I'm a moderator on an online game and we had a problem a while back where some players were stealing other players' session IDs and becoming them, enabling them to take over accounts. The session IDs were extracted using JavaScript and a special browser was used to make use of the stolen session ID.

The way I've got round it for my sites that use databases is to add two functions to the dbconnect include script, one called secureint() and the other securestr(), depending on what data I'm expecting to pull from the user.

I've probably gone a bit overkill but here are the two functions:
[code]  // Coerce anything expected to be a number into a plain integer.
  function secureint($intstr) {
    settype($intstr, 'integer');      // was settype($instr, ...): the typo meant $intstr was never converted
    $intint = sprintf("%d", $intstr);
    $intint = intval($intint);
    return $intint;
  }
  // Clean up a string before it goes into a quoted SQL value.
  function securestr($oldstr) {
    $oldstr = trim($oldstr);
    $oldstr = strip_tags($oldstr);
    $oldstr = sprintf("%s", $oldstr);
    $oldstr = addslashes($oldstr);    // the return value must be kept; addslashes() does not modify its argument.
                                      // Note it is not MySQL-aware; mysql_real_escape_string() (above) is the safer choice.
    return $oldstr;
  }[/code]
And now a demo in use:
[code]$numericvar=secureint($_POST['age']);
$stringvar=securestr($_POST['name']);[/code]
They work like a charm.
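An added example, not from the post above: the PHP session settings that address the two problems it describes, session IDs readable by injected JavaScript and session fixation. It assumes PHP 7.3 or later and a site served over HTTPS; the function names are my own.

```php
<?php
// Added example, not code from the thread. Assumes PHP 7.3+ (array form of
// session_set_cookie_params) and that the site is served over HTTPS.

// Strict mode: PHP refuses session IDs it did not generate itself, which
// defeats fixation via an attacker-chosen ID planted in the cookie or URL.
ini_set('session.use_strict_mode', '1');
// Accept the session ID only from the cookie, never from the query string.
ini_set('session.use_only_cookies', '1');

session_set_cookie_params([
    'lifetime' => 0,         // session cookie, discarded when the browser closes
    'path'     => '/',
    'domain'   => '',
    'secure'   => true,      // only sent over HTTPS
    'httponly' => true,      // not visible to document.cookie, so script cannot read it out
    'samesite' => 'Lax',
]);
session_start();

// Call after a successful login. Issuing a fresh ID means any ID known
// before authentication (fixation) no longer maps to the logged-in session.
function login_user(int $userId): void
{
    session_regenerate_id(true);         // true = discard the old session data
    $_SESSION['user_id']    = $userId;
    $_SESSION['login_time'] = time();
}

// Tear the session down completely on logout: data, cookie and server side.
function logout_user(): void
{
    $_SESSION = [];
    $p = session_get_cookie_params();
    setcookie(session_name(), '', time() - 3600,
              $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    session_destroy();
}

// Usage (hypothetical user id 42 after the password check has passed):
// login_user(42);
```

The HttpOnly flag is what blocks the JavaScript-based ID theft the post describes; session_regenerate_id() at login and use_strict_mode are what handle the fixation case mentioned earlier in the thread.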
