Ok, I think you have gotten my point... I simply want to make sure that the code I am writting is "up to par" on security issues such as you listed. Maybe there are some examples of what to do vs. what not to do when writting code that would be near impossible to exploit. I simply do not need some script kiddie messing with the time and research I have put into making this application. Any resources would be appreciated! Jas
"Scott Hurring" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > No language is "secure".... becuase there's no such thing. > even supposedly secure Java VM sandboxes have well-known > security exploits. > > PHP code is as secure as you write it. > Bad programmer = bad code > > Name any language or program and there are > well-documented ways to subvert it. Buffer > overflows in "C", and flawed Double-byte char > support in "IIS", to name a few recent and > better-known exploits. > > --- > Scott Hurring > Systems Programmer > EAC Corporation > [EMAIL PROTECTED] > Voice: 201-462-2149 > Fax: 201-288-1515 > > > -----Original Message----- > > From: Adam Voigt [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, June 06, 2002 1:22 PM > > To: [EMAIL PROTECTED] > > Subject: Re: [PHP] Re: Anyone? > > > > > > Yes, PHP is a secure programming language. > > > > On Thu, 2002-06-06 at 13:18, Jas wrote: > > > I cannot believe that no one with alot of PHP and MySQL > > experience has not > > > replied to this post yet. Is PHP not a secure scripting > > language? I would > > > really like a little insight into this question, anyone? > > > > > > "Jas" <[EMAIL PROTECTED]> wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > I posted this yesterday and did not get any response at all? Just > > > wondering > > > > if someone can give me some insight into some security > > measures for a > > > > content management application... > > > > > > > > Posted 06/05/2002 > > > > Ok, I am not a security expert so I would like to know if > > my security > > > > measures I have implimented is adequate enough to keep > > people out. Any > > > > pointers on this would be very helpful as I am trying to > > impliment a > > > secure > > > > way for people to update a website through the use of a > > content management > > > > application. Example of code is as follows > > > > > > > > // Login form - index.php > > > > <form name="authenticate" method="post" action="auth_done.php"> > > > > <input type="text" name="user" size="20" maxlength="20"><br> > > > > <input type="password" name="pw" size="20" maxlength="20"><br> > > > > Select an image to identify yourself as an administrator.<br> > > > > <select name="image"> > > > > <option value="image01.jpg">image01</option> > > > > <option value="image02.jpg">image02</option> > > > > <option value="image03.jpg">image03</option> > > > > <option value="image04.jpg">image04</option> > > > > <option value="image05.jpg">image05</option> > > > > </select><br><br> > > > > <input type="submit" name="Login" value="Login"> > > > > <input type="reset" name="Reset" value="Reset"> > > > > </form> > > > > > > > > // Authentication checker - auth_done.php > > > > #############check fields for valid entries in form############ > > > > if ((!$u_name) || (!$p_word) || (!$image)){ > > > > header("Location: index.php"); > > > > exit; > > > > } > > > > ############connects to database############ > > > > require '/path/to/database/connection/script/dbcon.php'; > > > > #############selects database table containing users > > that are allowed to > > > > use application############ > > > > $db_table = 'users'; > > > > $sql = "SELECT * from $db_table WHERE un = \"$user\" AND pw = > > > > password(\"$pw\")"; > > > > $result = @mysql_query($sql,$dbh) or die("Couldn't > > execute query"); > > > > #############loops through all records to find a > > match############ > > > > $num = mysql_numrows($result); > > > > if ($num !=0) { > > > > #############creates variables for sessions############ > > > > $p_hash = "$p_word"; > > > > $to_hash = "$image"; > > > > #############creates md5 hash of image user selected############ > > > > $pstring = md5($to_hash); > > > > #############creates md5 hash of password user > > entered############ > > > > $image_sel = md5(uniqid(microtime($p_word),1)); > > > > #############starts session for user############ > > > > session_start(); > > > > #############registers variables created (md5 of > > password, username, & > > > > image) in session############ > > > > session_register('user'); > > > > session_register('$pstring'); > > > > session_register('$image_sel'); > > > > #############captures users ip address (logging stuff, > > not listed in > > > this > > > > code for security reasons)############ > > > > $ipaddy = $REMOTE_ADDR; > > > > #############echoes success message to authenticated > > user############ > > > > $msg_success = "<b>You have been authorized to make > > changes to the > > > > website! Your IP address has been recorded and sent to > > the administrator: > > > > $ipaddy</b>"; > > > > } else { > > > > #############this prints if user name and password > > combination is not > > > > found in database############ > > > > print "<p>You are not authorized to use this application!</p>"; > > > > exit; > > > > } > > > > > > > > Now on each page in the content management app I have > > these lines of code: > > > > #############Start the session############# > > > > session_start(); > > > > #############check session variables############# > > > > if (isset($HTTP_SESSION_VARS['user']) || > > > > isset($HTTP_SESSION_VARS['$image_sel']) || > > > > isset($HTTP_SESSION_VARS['$pstring'])) { > > > > $main = "Some kinda message for page in question"; > > > > #############connects to database############# > > > > require '/path/to/database/connection/script/dbcon.php'; > > > > #############if session variables not registered kick > > the user back to > > > > login form############# > > > > } else { > > > > header ("Location: index.php"); > > > > } > > > > > > > > Now just so you know I have changed all the variables to > > something other > > > > than what I am currently using, however I have made sure > > that this is a > > > > working example so everything should work as is. Also I > > have tested this > > > a > > > > few different ways, including: creating a page that > > tries to include one > > > of > > > > the pages I have my security checks on from another > > website, linking > > > > directly to a script within the application etc. In any > > event, I also > > > have > > > > logging setup on each and every script which I have not > > included here > > > > (different topic), just in case someone does get in I can > > at least "try" > > > to > > > > find them. Any help, pointers, tutorials, examples, etc. would be > > > > appreciated!!! > > > > TIA > > > > Jas > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > PHP General Mailing List (http://www.php.net/) > > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
