[thelist] Web Database Security (was: how did they hack...)
Bart Posselt
BPOSSELT at dineout.org
Thu Apr 19 11:12:36 CDT 2001
Have you looked at server-side regular expressions? I'm not familiar with PHP, but this might help (it's for ASP): http://dynamic.15seconds.com/Issue/page.asp?Page_Id=306
Bart
>>> ppxsjc1 at unix.ccc.nottingham.ac.uk 04/19/01 11:52AM >>>
> http://www.webreview.com/2001/04_13/developers/index02.shtml
That's a good article, but it did leave me with one question:
I can understand how you can validate some fields to prevent malicious
attacks (such as checking IDs are integers), but what do you do about text
fields?
At present I use sql like this in my PHP/MySQL applications:
INSERT INTO TableName (name,email,comment) VALUES
('$name','$email','$comment')
I thought that since single quotes are escaped by PHP magic quotes it
would be impossible to "break into" my sql syntax with a comment like:
$comment = "my nasty comment)' DROP TableName"
which *should* result in a harmless sql syntax of:
INSERT INTO TableName (name,email,comment) VALUES
('name','email','my nasty comment)\' DROP TableName')
Am I missing something here? Any other security tips/urls?
Simon
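An added example, not code from either poster, showing the approach that makes Simon's escaping question moot: bind the values as parameters so they never become part of the SQL text. It uses Python's sqlite3 in place of PHP/MySQL (an assumption made so the example runs stand-alone) and reuses the INSERT statement and the sample comment from the message above.

```python
import re
import sqlite3

# Constructed sample input: the comment from the thread, which contains a
# single quote that would end the string literal if pasted into the SQL text.
NASTY_COMMENT = "my nasty comment)' DROP TableName"


def setup_db():
    """Create the TableName table from the thread in an in-memory database."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE TableName (name TEXT, email TEXT, comment TEXT)")
    return con


def insert_comment(con, name, email, comment):
    """Parameterised INSERT: the driver passes the three values separately
    from the statement, so no escaping of quotes in the data is needed and
    the data cannot change the statement's structure."""
    con.execute(
        "INSERT INTO TableName (name, email, comment) VALUES (?, ?, ?)",
        (name, email, comment),
    )
    con.commit()


def fetch_comments(con):
    """Return every stored comment exactly as it sits in the table."""
    return [row[0] for row in con.execute("SELECT comment FROM TableName")]


def table_exists(con, table):
    """Check the schema catalogue; the table name is itself bound, not pasted."""
    row = con.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table' AND name = ?",
        (table,),
    ).fetchone()
    return row is not None


def parse_id(value):
    """Whitelist check for an ID field as the article suggests: only a short
    run of digits is accepted; anything else yields None."""
    if not re.fullmatch(r"[0-9]{1,9}", value):
        return None
    return int(value)


def demo():
    """Store the nasty comment and confirm it is kept verbatim, table intact."""
    con = setup_db()
    insert_comment(con, "Simon", "simon@example.invalid", NASTY_COMMENT)
    return fetch_comments(con), table_exists(con, "TableName")
```

With binding, the stored comment is the literal text `my nasty comment)' DROP TableName` and TableName still exists; the same holds for MySQL via PHP's prepared statements.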