Re: question about safe - question no. 2
on 27.01.2008 20:52:28 by Jerry Stuckle
MZ wrote:
> Hello!
>
> How to prevent from such try of attack of the website?
>
>
> http://www.domain.com/index.php?id=%3Cscript%3Ealert(document.cookie);%3C/script%3E
>
>
> Thank you in advance for help
> M.
>
>
>
As in your other question, there is no inherent vulnerability in PHP for
this.
But this is also javascript, not PHP, and PHP doesn't execute javascript.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Re: question about safe - question no. 2
on 27.01.2008 21:01:54 by Kamyk
User "Jerry Stuckle" wrote in message
news:4YWdnYxNTt_OfAHanZ2dnUVZ_gadnZ2d@comcast.com...
> MZ wrote:
>> Hello!
>>
>> How to prevent from such try of attack of the website?
>>
>>
>> http://www.domain.com/index.php?id=%3Cscript%3Ealert(document.cookie);%3C/script%3E
>> Thank you in advance for help
>> M.
>>
>>
>>
>
> As in your other question, there is no inherent vulnerability in PHP for this.
>
> But this is also javascript, not PHP, and PHP doesn't execute javascript.
>
Yes, I knew it is JavaScript code, but I asked because if there were a
problem, this problem would be in PHP.
I also have one more question for you:
If I have a parameter which is a number and send it by the GET method, i.e.
www.domain.com/index.php?id=1
Can you tell me whether such PHP protection will be sufficient after generating
such a URL:
if ($_GET["id"] > 0 && $_GET["id"] < 99999999999 && is_numeric($_GET["id"]))
{
    // then execute the following code:
    // check if there is a record in the database which has id = 1; if so,
    // execute the rest of the code
}
else
{
    // do not execute the code
}
99999999999 is the max value because it is declared as BIGINT(11)
Thank you for your help
M.
Re: question about safe - question no. 2
on 27.01.2008 21:11:09 by Jerry Stuckle
MZ wrote:
>
> User "Jerry Stuckle" wrote in
> message news:4YWdnYxNTt_OfAHanZ2dnUVZ_gadnZ2d@comcast.com...
>> MZ wrote:
>>> Hello!
>>>
>>> How to prevent from such try of attack of the website?
>>>
>>>
>>> http://www.domain.com/index.php?id=%3Cscript%3Ealert(document.cookie);%3C/script%3E
>>> Thank you in advance for help
>>> M.
>>>
>>>
>>>
>>
>> As in your other question, there is no inherent vulnerability in PHP
>> for this.
>>
>> But this is also javascript, not PHP, and PHP doesn't execute javascript.
>>
>
> Yes, I knew it is JavaScript code, but I asked because if there were a
> problem, this problem would be in PHP.
>
And exactly what would the PHP problem be? PHP doesn't execute JavaScript.
> I also have one more question for you:
>
> If I have a parameter which is a number and send it by the GET method, i.e.
>
> www.domain.com/index.php?id=1
>
> Can you tell me whether such PHP protection will be sufficient after
> generating such a URL:
>
> if ($_GET["id"] > 0 && $_GET["id"] < 99999999999 && is_numeric($_GET["id"]))
> {
>     // then execute the following code:
>     // check if there is a record in the database which has id = 1; if so,
>     // execute the rest of the code
> }
> else
> {
>     // do not execute the code
> }
>
> 99999999999 is the max value because it is declared as BIGINT(11)
>
> Thank you for your help
> M.
>
No, it's not.
First of all, you need to check to see if it's numeric BEFORE the other
tests. But if it's an integer id, then you need to ensure the value is
an integer - for instance:
$id = intval($_GET['id']);
if (strval($id) != $_GET['id'])
{
    // the parameter was not a plain integer: reject it and stop here
}
Google for SQL Injection to get some other ideas.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
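To make the round-trip check concrete, here is an added example (not code from either poster) that validates the `id` parameter as Jerry describes, shows which constructed inputs it rejects, and then only ever passes the validated integer to SQL as a bound parameter. The `find_record` function and the `$pdo` connection it takes are assumptions; the upper bound is the 99999999999 from the thread.

```php
<?php
// Added example, not from the thread. No database is needed to run the
// validation part; find_record() assumes an existing PDO connection.

// Upper bound taken from the thread's BIGINT(11) remark.
const ID_MAX = 99999999999;

/**
 * Returns the id as an int, or null if the raw parameter is not a clean
 * positive integer literal. Round-tripping through intval()/strval() rejects
 * anything intval() would silently truncate ("1 OR 1=1", "1e3", "01", " 1"),
 * which is why this check comes before any range comparison.
 */
function validate_id($raw)
{
    if (!is_string($raw)) {          // id[]=1 arrives as an array, not a string
        return null;
    }
    $id = intval($raw);
    if (strval($id) !== $raw) {      // strict: text and type must match exactly
        return null;
    }
    if ($id <= 0 || $id > ID_MAX) {
        return null;
    }
    return $id;
}

// Constructed sample inputs, showing what the check lets through.
$samples = ['1', '42', '01', ' 1', '1e3', '1 OR 1=1', '-5', '123456789012', ''];
foreach ($samples as $s) {
    $r = validate_id($s);
    printf("%-14s => %s\n", var_export($s, true), $r === null ? 'rejected' : "ok ($r)");
}

// Even a validated integer reaches SQL only as a bound parameter, never by
// string concatenation. Hypothetical table/column names; not executed here.
function find_record(PDO $pdo, $id)
{
    $stmt = $pdo->prepare('SELECT * FROM records WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetch(PDO::FETCH_ASSOC);
}

// For the URL in the first post: whatever is reflected into HTML gets escaped,
// so a <script> payload is rendered as text rather than run by the browser.
echo htmlspecialchars($_GET['id'] ?? '', ENT_QUOTES, 'UTF-8');
```

Running it from the command line prints `ok` only for `'1'` and `'42'`; every other sample is rejected, including `'123456789012'` because it exceeds the bound.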