The big concern re: sanitizing input here is SQL injection. If a user inputs a hash value like '20394kljadlk903; DELETE FROM your_hash_table', your executed query would be:

    SELECT DISTINCT hash FROM your_hash_table WHERE hash = '$hash'; DELETE FROM your_hash_table

If these both successfully execute, you will retrieve the distinct hash value, but subsequently delete everything in your table.

If the user is simply inputting a hash value, consider using a regular expression or some means of validating what you expect to receive as a hash value. For example, if it's a 20-character string of letters and numbers, the user will not be able to enter something malicious such as "DELETE FROM" if you don't allow spaces.

This was a pretty lame example I have provided, but it's probably what your friend was getting at in terms of sanitization. You just need to make sure the input you're processing is the input you expect to be getting.

-Danny

Quoting Eric C <eric at newmag.org>:

>>> smattering of PHP (if you saw the code for the tracker
>>> I'm making you would give yourself a tummy ache
>>> giggling) I assumed that those were variables I'm
>
>> Do tell! And let us know what you need help with.
>
> Well if I'm going to ask a question it should probably
> be on the part where I'm most likely to get cracked,
> user input. Below is the page to handle a form on
> index.php. Now stop laughing! It's my first module.
> Anyway, if any of you real programmers see any
> particularly idiotic screwups please let me know. A
> friend mentioned that I should sanitize the user's
> input. Any suggested reading on some simple ways to
> do this? Thanks for suggestions.
> - Eric C.
>
> ****************************************
>
> <?php
> /*
>  * xpsTorrent! - a bittorrent tracker module for XOOPS
>  *
>  * form.php
>  */
>
> require('../../mainfile.php');
> require(XOOPS_ROOT_PATH.'/header.php');
> global $xoopsDB;
> global $xoops_url;
>
> $name=htmlspecialchars($_POST['name']);
> $hash=htmlspecialchars($_POST['hash']);
> $announce=$_POST['announce'];
> $metadata=$_POST['metadata'];
> $linkback=$xoops_url;
>
> // Let's check to see if this hash is already in the database
> $query = "SELECT DISTINCT hash FROM ".$xoopsDB->prefix('xps_torrents')." WHERE hash = '$hash'";
> $result = $xoopsDB->query($query);
> if ($result) {
>     if ($xoopsDB->getRowsNum($result) > 0) {
>         echo " <p>This torrent is already in our database. <b>Please try again.</b></p>
>         <a href=$linkback>Click here to return to the main page.</a>";
>     }
>     else {
>         // Insert a row into the table
>         $sql = "INSERT INTO ".$xoopsDB->prefix('xps_torrents');
>         $sql .= " ( name, hash, announce, metadata, last_scrape ) VALUES ";
>         $sql .= " ( '$name', '$hash', '$announce', '$metadata', NOW() )";
>
>         if ( ! $xoopsDB->query($sql) ) {
>             echo( $xoopsDB->error." : ".$xoopsDB->errno );
>         }
>         echo " <p>Your information has been successfully added to the database.</p>
>         <a href=$linkback>Click here to return to the main page.</a>";
>     }
> }
> require(XOOPS_ROOT_PATH.'/footer.php');
>
> ?>
>
> ****************************************
>
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss
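As an added illustration of the two fixes Danny describes (whitelist-validate the hash, and keep user data out of the SQL text), here is the duplicate-check and insert logic from form.php rewritten stand-alone. This is example code written for this archive page, not code from the thread and not the XOOPS `$xoopsDB` API: it uses PHP's PDO with an in-memory SQLite database so it runs by itself, the table name `xps_torrents`, column names and the payload string come from the thread, and the assumption that a torrent info hash is exactly 40 hexadecimal characters (a hex-encoded SHA-1) is mine, as is the `CURRENT_TIMESTAMP` substitute for MySQL's `NOW()`.

```php
<?php
// Added example for this archive page (not from the original post, not XOOPS code).
// Same flow as form.php: reject a duplicate hash, otherwise insert the row,
// but with input validation and prepared statements so the hash value can
// never be interpreted as SQL. Runs stand-alone against in-memory SQLite.
// Assumption: a torrent info hash is a 40-character hex string (SHA-1).

function isValidHash(string $hash): bool
{
    // Whitelist check: exactly 40 hex digits, nothing else (no spaces, quotes or ';').
    return preg_match('/\A[0-9a-fA-F]{40}\z/', $hash) === 1;
}

function addTorrent(PDO $db, string $name, string $hash, string $announce, string $metadata): string
{
    if (!isValidHash($hash)) {
        return 'rejected: hash is not 40 hex characters';
    }
    $hash = strtolower($hash);

    // Parameterised query: the value travels separately from the SQL text,
    // so whatever it contains is compared as data, never executed.
    $stmt = $db->prepare('SELECT 1 FROM xps_torrents WHERE hash = :hash');
    $stmt->execute([':hash' => $hash]);
    if ($stmt->fetchColumn() !== false) {
        return 'duplicate: torrent already in database';
    }

    // CURRENT_TIMESTAMP is SQLite's equivalent of MySQL NOW() (assumption for this demo).
    $stmt = $db->prepare(
        'INSERT INTO xps_torrents (name, hash, announce, metadata, last_scrape)
         VALUES (:name, :hash, :announce, :metadata, CURRENT_TIMESTAMP)'
    );
    $stmt->execute([
        ':name'     => $name,
        ':hash'     => $hash,
        ':announce' => $announce,
        ':metadata' => $metadata,
    ]);
    return 'added';
}

// ---- demo with constructed data ----
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE xps_torrents (
    name TEXT, hash TEXT UNIQUE, announce TEXT, metadata TEXT, last_scrape TEXT)');

$good = str_repeat('ab', 20);                             // constructed 40-hex-char hash
$evil = '20394kljadlk903; DELETE FROM your_hash_table';   // the payload quoted in the thread

echo addTorrent($db, 'demo.torrent', $good, 'http://tracker.example/announce', ''), "\n";
echo addTorrent($db, 'demo.torrent', $good, 'http://tracker.example/announce', ''), "\n";
echo addTorrent($db, 'evil', $evil, '', ''), "\n";

// Defence in depth: even with the validation step skipped, a bound parameter
// treats the payload as an ordinary string to compare against, not as SQL.
$stmt = $db->prepare('SELECT COUNT(*) FROM xps_torrents WHERE hash = :hash');
$stmt->execute([':hash' => $evil]);
echo 'rows matching payload: ', $stmt->fetchColumn(), "\n";
echo 'rows still in table:   ', $db->query('SELECT COUNT(*) FROM xps_torrents')->fetchColumn(), "\n";
```

Run it with `php form_safe.php` (any filename). The first call inserts the row, the second is reported as a duplicate, and the payload from the thread is rejected by the regular expression before any query runs; the final two lines show that even when the same payload is bound as a parameter, the table keeps its one row. Note that `htmlspecialchars()`, which the original form.php applies to `$name` and `$hash`, is output encoding for HTML and does nothing against SQL injection; the two concerns need two separate controls.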