Osama Kakhia

a story of life

Posted: 2008-09-26 22:02:22

Handling User Submitted Data

You will often write a PHP script that requires user interaction. The classic example is a "login" page, where a user has to submit a username and password to gain access. Behind these submitted values lies a serious security issue if you don't handle them properly. It's not a weakness of PHP, but a result of writing code without having security in mind.

Look at the following PHP code (originally copied from php.net):

// define $authorized = true only if user is authenticated
if (authenticated_user()) {
    $authorized = true;
}

// Because we didn't first initialize $authorized as false, this might be
// defined through register_globals, like from GET auth.php?authorized=1
// So, anyone can be seen as authenticated!
if ($authorized) {
    include "/highly/sensitive/data.php";
}

Thus, what has to be done?

FIRST: Don't rely on "register_globals" (this feature is removed as of PHP 6); instead use $_POST, $_GET or $_COOKIE.
You might even use $_REQUEST, but it's not recommended unless you don't care how the variables are made available to the script.

SECOND: Never trust these variables without "validating" them, especially if you are about to use them in a database query. Always validate & escape them using functions like "htmlspecialchars", "quotemeta" or "mysql_real_escape_string".

THIRD: Always initialize the variables inside the script. You can check for uninitialized variables with "error_reporting".

FOURTH: Always unset variables that contain sensitive data if there is no further use for them in the script. Use "unset" or "array_splice".

FIFTH: Never store sensitive user data in "Session" or "Cookie" in a plain text format. Encrypt it using "md5" or "sha1".

SIXTH: Take the time to consider the implications of a given piece of code. Consider what happens if an unexpected variable is submitted to it.
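The first three points applied to the snippet above, as an added example that is not part of the original post or of php.net. Because register_globals no longer exists in current PHP, extract() stands in for it in the vulnerable version; the credential store, the username format and the function names other than authenticated_user() are assumptions made for the illustration.

```php
<?php
declare(strict_types=1);

// Constructed credential store (hypothetical): username => password hash.
function credential_store(): array
{
    return ['alice' => password_hash('correct horse', PASSWORD_DEFAULT)];
}

// Hypothetical authenticated_user(): explicit input, validated before use.
function authenticated_user(array $post): bool
{
    $user = $post['username'] ?? null;
    $pass = $post['password'] ?? null;
    if (!is_string($user) || !is_string($pass)) {
        return false; // e.g. username[]=x arrives as an array, not a string
    }
    if (preg_match('/\A[a-z0-9_]{1,32}\z/', $user) !== 1) {
        return false;
    }
    $store = credential_store();
    return isset($store[$user]) && password_verify($pass, $store[$user]);
}

// Vulnerable pattern: extract() emulates what register_globals did, so
// request parameters silently become variables inside the script.
function vulnerable_check(array $get, array $post): bool
{
    extract($get);
    if (authenticated_user($post)) {
        $authorized = true;
    }
    return !empty($authorized); // never initialised on the failure path
}

// Hardened pattern: initialise first, never import request data as variables.
function hardened_check(array $post): bool
{
    $authorized = false;
    if (authenticated_user($post)) {
        $authorized = true;
    }
    return $authorized;
}

// Constructed request: failed login plus a forged "authorized" parameter.
$get  = ['authorized' => '1'];
$post = ['username' => 'alice', 'password' => 'wrong guess'];
var_dump(vulnerable_check($get, $post), hardened_check($post));
```

In a real script the two arrays would be $_GET and $_POST; they are passed in as parameters here so the comparison runs from the command line.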
