Insane Visions - Basic PHP Security Tutorial
Basic PHP Security, posted Jul 10, 08 - 9:17 pm

Views: 39,961
Type: PHP
Experience Level: Experienced

I'll be the first one to admit that when I first started coding with PHP, security was the last thing I thought about. My focus was learning the basics and actually getting things to work. Now, years later, security is my number one concern, as it is for other PHP developers.

It seems like a given, but hackers do test your scripts, and all it takes is one minor mistake, one that even an expert PHP guru could miss, for a hacker to delete a vital MySQL table. Protecting your SQL queries and cookies, checking user-submitted content, and guarding against XSS cover the most vulnerable areas of PHP, and they can all be protected.

In this tutorial we'll go over some of the areas of PHP that need special attention to make sure your code holds up against malicious attempts, from SQL Injection to the underestimated XSS. Enjoy!

SQL Injection

We'll go ahead and start out with one of the most dangerous, SQL Injection. In a nutshell, SQL Injection means some type of user input is being passed in and used inside an SQL query. Most times it will be valid, but if the user is a malicious little bugger, they may try to, say, delete a MySQL table or log in as an administrator.

// Vulnerable: the raw POST values are interpolated straight into the query.
$sql = mysql_query("SELECT * FROM users_table WHERE
    username = '{$_POST['username']}' AND
    password = '{$_POST['password']}'");

That simple query seems harmless, but suppose the malicious user enters the password "' OR ''='". The query then checks for the username and the password, or whether an empty string equals an empty string, which it always does, so they gain access. So how do we protect against it? mysql_real_escape_string()

// Escaped: each value is run through mysql_real_escape_string() before it
// is placed into the query, so a quote in the input no longer ends the string.
$query = sprintf("SELECT * FROM users_table WHERE user='%s' AND password='%s'",
    mysql_real_escape_string($_POST['username']),
    mysql_real_escape_string($_POST['password']));
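The login query above, run the unsafe way and then with a prepared statement, as an added example that is not part of the original tutorial; it uses PDO because the mysql_* functions were removed in PHP 7, and an in-memory SQLite table with one constructed user so it runs offline.

```php
<?php
// Added example, not the tutorial's code. The users_table and its single
// row are constructed here so the script runs without a MySQL server.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users_table (username TEXT, password TEXT)");
$db->exec("INSERT INTO users_table VALUES ('alice', 'correct horse')");

// Vulnerable: user input is interpolated straight into the SQL string,
// exactly like the first query in the text.
function login_unsafe(PDO $db, string $user, string $pass): bool
{
    $sql = "SELECT * FROM users_table WHERE username = '$user' AND password = '$pass'";
    return (bool) $db->query($sql)->fetch();
}

// Safe: placeholders keep the input as data, so it can never become SQL
// syntax. No escaping step is needed and none can be forgotten.
function login_safe(PDO $db, string $user, string $pass): bool
{
    $stmt = $db->prepare(
        "SELECT * FROM users_table WHERE username = :u AND password = :p"
    );
    $stmt->execute([':u' => $user, ':p' => $pass]);
    return (bool) $stmt->fetch();
}

$payload = "' OR ''='";   // the password from the text

// With the payload the interpolated query becomes
//   ... AND password = '' OR ''=''
// and the always-true OR matches the row despite the wrong password.
echo "unsafe: ", login_unsafe($db, 'alice', $payload) ? "logged in" : "rejected", "\n";

// The prepared statement compares the literal string "' OR ''='" against the
// stored password, so the login is rejected; the real password still works.
echo "safe:   ", login_safe($db, 'alice', $payload) ? "logged in" : "rejected", "\n";
echo "safe:   ", login_safe($db, 'alice', 'correct horse') ? "logged in" : "rejected", "\n";
```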

File Inclusion

Most often a n00bie mistake, file inclusion can be a huge security hole. Let's take an example:

include ("files/".$_GET['url']);

Most any PHP user will see a HUGE problem with that right away, and luckily this is a problem that mostly pertains to the newest users. There are a few things you can do to protect yourself.

  • First you need to make sure you have correctly set "open_basedir" in your php.ini file, and also make sure that "allow_url_fopen" is turned off. This will help protect against malicious attempts at including system files, remote files and other vital ones.
  • Secondly, and I recommend using it in conjunction with the first, let's have a list of allowed files:

    // Only filenames on this list may ever be included.
    $pages = array('test1.php', 'test2.php', 'test3.php');

    if (in_array($_GET['url'], $pages)) {
        include ("files/".$_GET['url']);
    } else {
        die('Warning: Hacking Attempt');
    }
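An allow-list lookup for the "files/" include above, as an added example that is not the tutorial's own code: it maps short page keys to filenames so the request never names a file, and adds a realpath() check that the chosen file really sits inside the intended directory. The directory name and page keys are assumptions.

```php
<?php
// Added example, not the tutorial's code. The base directory and the page
// keys below are assumed for the demonstration.
function resolve_page(string $requested, string $base): ?string
{
    // Allow-list as a map: the request supplies a key, never a path, so
    // "../" sequences or remote URLs in the parameter simply miss the list.
    $pages = [
        'test1' => 'test1.php',
        'test2' => 'test2.php',
        'test3' => 'test3.php',
    ];
    if (!array_key_exists($requested, $pages)) {
        return null;                       // not on the allow-list
    }

    $baseReal = realpath($base);
    $fileReal = realpath($base . DIRECTORY_SEPARATOR . $pages[$requested]);
    if ($baseReal === false || $fileReal === false) {
        return null;                       // directory or file does not exist
    }

    // Defence in depth: after symlinks and ".." are resolved, the file must
    // still live under the base directory.
    if (strpos($fileReal, $baseReal . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $fileReal;
}

$page = resolve_page($_GET['url'] ?? '', __DIR__ . '/files');
if ($page === null) {
    http_response_code(404);
    exit('Page not found');
}
include $page;
```

On PHP 5.2 and later, remote includes are additionally controlled by the allow_url_include setting, which is off by default, while allow_url_fopen still governs remote file opens in general.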

XSS - Cross Site Scripting/CSRF

XSS is very underestimated; it's extremely dangerous and yet not that difficult to protect against. With Cross Site Scripting (XSS), a malicious user can do a lot of damage, depending on the protection you have against XSS. With no protection, they could possibly even include an image. What's the big deal? How about an image that is actually PHP, containing code that could do real damage on your website. Below we have two things that can protect against XSS:

  • htmlentities()
    With htmlentities, you can easily prevent XSS. You can even have a white-list of sorts, so you can allow some HTML tags.
  • XSS Filter Function
    There are many out there, but we use this PHP function. You simply run it over any PHP variable that could contain malicious data and this nifty function strips it out. The best part is that it's easily modified: you can add or take out any JS/HTML tag you want removed or left alone.
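Output encoding for the two HTML contexts a PHP template usually writes user data into, plus the "white-list of sorts" via strip_tags(), as an added example that is not the tutorial's filter function; the comment text is constructed for the demonstration.

```php
<?php
// Added example, not the tutorial's XSS filter. The sample comment below is
// constructed to show what each function does with hostile markup.
function e(string $s): string
{
    // ENT_QUOTES also encodes single quotes, so the result is safe inside
    // single- and double-quoted attributes as well as in element text;
    // ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning "".
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Renders a user comment as an HTML fragment. Every interpolated value goes
// through e(); the tags around it are fixed in the template, never user data.
function render_comment(string $author, string $body): string
{
    return '<div class="comment" data-author="' . e($author) . '">'
         . '<b>' . e($author) . '</b>: ' . e($body) . '</div>';
}

// The white-list: strip_tags() keeps only the listed tags. It does not touch
// attributes on those tags, so it is a formatting filter, not an XSS filter;
// escape the result afterwards or use a dedicated HTML sanitizer.
function limited_markup(string $body): string
{
    return strip_tags($body, '<b><i>');
}

// Constructed hostile input: a script tag plus an event handler on an
// otherwise harmless allowed tag.
$body = 'nice post <script>alert(1)</script> <b onclick="x()">bold</b>';

// Fully encoded: the browser shows the tags as text and runs nothing.
echo render_comment('mallory', $body), "\n";

// Script tag gone, but the onclick on <b> survives; this is the caveat.
echo limited_markup($body), "\n";
```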

Conclusion

We've covered three of the most important and basic breaches of PHP security. All three are so important to protect against because if they are exploited, you can expect a lot of damage, from deleted tables with important data to deleted files on your website! Even the more experienced PHP users tend to underestimate hackers and malicious users, and that's something you as a PHP developer never want to do. Happy Coding!

Comments
admin, Aug 15, 08 - 4:14 am
Decent tutorial, just one thing: I think you should change the way your links are displayed. I didn't even know there were any links in your article until the part about the XSS Filter Function confused me.