hello all,
I've been wondering lately if someone could change a GET variable, so that he can change an SQL statement in a way that lets him delete data from my database.
The following is what I've thought of:
$_GET['someinput'] = "123";
$sql = "select * from test where id = '".$_GET['someinput']."'";
.....
So if someone changed the URL from
http://test/index.php?someinput=123
to something like
http://test/index.php?someinput=123'; delete from test where '1
I thought he might be able to empty my database or do even worse things.
So my idea was to generally search for keywords in the POST and GET data, so that things like that are not possible anymore.
I've done the following function, which I will put on top of every file that includes the connection files for the database:
[PHP]
// each helper strips one character or keyword from a single input value
function valiMySQLInput_1($getinp){ return str_ireplace("'","",$getinp); }
function valiMySQLInput_2($getinp){ return str_ireplace("\"","",$getinp); }
function valiMySQLInput_3($getinp){ return str_ireplace(",","",$getinp); }
function valiMySQLInput_4($getinp){ return str_ireplace(";","",$getinp); }
function valiMySQLInput_5($getinp){ return str_ireplace("(","",$getinp); }
function valiMySQLInput_6($getinp){ return str_ireplace(")","",$getinp); }
function valiMySQLInput_7($getinp){ return str_ireplace("FROM","",$getinp); }
function valiMySQLInput_8($getinp){ return str_ireplace("LIKE","",$getinp); }
function valiMySQLInput_9($getinp){ return str_ireplace("WHERE","",$getinp); }

function valiMySQLInput()
{
    global $_GET, $_POST;
    // make GET and POST input secure for db usage
    // escape quotes first unless magic_quotes_gpc already did it
    if (!get_magic_quotes_gpc())
    {
        $_GET  = array_map('addslashes', $_GET);
        $_POST = array_map('addslashes', $_POST);
    }
    // then run every value through each of the stripping helpers in turn
    $_GET  = array_map('valiMySQLInput_1', $_GET);
    $_POST = array_map('valiMySQLInput_1', $_POST);
    $_GET  = array_map('valiMySQLInput_2', $_GET);
    $_POST = array_map('valiMySQLInput_2', $_POST);
    $_GET  = array_map('valiMySQLInput_3', $_GET);
    $_POST = array_map('valiMySQLInput_3', $_POST);
    $_GET  = array_map('valiMySQLInput_4', $_GET);
    $_POST = array_map('valiMySQLInput_4', $_POST);
    $_GET  = array_map('valiMySQLInput_5', $_GET);
    $_POST = array_map('valiMySQLInput_5', $_POST);
    $_GET  = array_map('valiMySQLInput_6', $_GET);
    $_POST = array_map('valiMySQLInput_6', $_POST);
    $_GET  = array_map('valiMySQLInput_7', $_GET);
    $_POST = array_map('valiMySQLInput_7', $_POST);
    $_GET  = array_map('valiMySQLInput_8', $_GET);
    $_POST = array_map('valiMySQLInput_8', $_POST);
    $_GET  = array_map('valiMySQLInput_9', $_GET);
    $_POST = array_map('valiMySQLInput_9', $_POST);
}
[/PHP]
Can someone more experienced say if that makes sense, or if I should do something else? Is there anything I am missing concerning security issues of this kind?
Thanks for answers on this.
best
trom
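As an added example (not code from the post above), this is the approach that removes the problem at the root instead of stripping keywords: the value is validated for its expected shape and then sent to the database as a bound parameter, so the SQL text is fixed and the input is never parsed as SQL. It uses PDO with an in-memory SQLite database, an assumption made so the snippet runs without a MySQL server; the table `test` and its rows are constructed here, and with MySQL only the DSN would change.

```php
<?php
// Added example: parameterised queries instead of keyword stripping.
// Assumes the pdo_sqlite extension; use a mysql: DSN in production.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Constructed sample table standing in for the poster's "test" table.
$db->exec("CREATE TABLE test (id INTEGER PRIMARY KEY, name TEXT)");
$db->exec("INSERT INTO test (id, name) VALUES (123, 'first'), (124, 'second'), (125, 'O''Brien')");

function findById(PDO $db, string $rawInput): array
{
    // Step 1: validate the shape. An id is a positive integer; anything
    // else is rejected before it gets near SQL, so the "123'; delete ..."
    // string from the post stops here.
    $id = filter_var($rawInput, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return [];
    }
    // Step 2: even a valid value is passed as a bound parameter, so the
    // statement text never changes and the value is never spliced into it.
    $stmt = $db->prepare("SELECT id, name FROM test WHERE id = :id");
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

function findByName(PDO $db, string $name): array
{
    // Text values go the same way: "O'Brien" is searched intact, which a
    // filter that strips quotes cannot do without breaking legitimate data.
    $stmt = $db->prepare("SELECT id, name FROM test WHERE name = :name");
    $stmt->bindValue(':name', $name, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// The two inputs the post discusses, constructed here as sample values.
foreach (["123", "123'; delete from test where '1"] as $input) {
    $rows = findById($db, $input);
    printf("%-40s -> %d row(s)\n", $input, count($rows));
}
$byName = findByName($db, "O'Brien");
printf("O'Brien lookup -> %d row(s)\n", count($byName));
// All three rows are still there: the second input never ran as SQL.
$count = $db->query("SELECT COUNT(*) FROM test")->fetchColumn();
printf("rows remaining: %d\n", $count);
```

The same pattern covers `$_POST` values, so the global search-and-strip pass becomes unnecessary; validation is then done per field, where its expected type is known.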