I always use the method of filtering user input as described at the PHP
Security Consortium. It makes it easier to track tainted user input vs.
filtered input. If all filtered variables are put in an array it makes it
easier to ensure you're using the non-tainted variable.
http://phpsec.org/projects/guide/1.html#1.4
Then PEAR::DB to query the MySQL database, as PEAR::DB handles the SQL
escaping.
From: Jonathan Ernst <[EMAIL PROTECTED]>
To: wine-devel@winehq.com
Subject: Re: appdb security
Date: Thu, 08 Jun 2006 18:12:20 +0200
On Thursday 08 June 2006 at 11:42 -0400, Chris Morgan wrote:
> Can you come up with a non-destructive working example for the appdb
> website (appdb.winehq.org)? ;-)
>
> I ask because I thought we went through this some time ago but I agree that
> what you say looks like an open issue.
>
> Chris
Lately I used the following snippet in all my webapps to secure them
against SQL injection:
http://php.net/mysql_real_escape_string under "Best practice".
<?php
function smart_quote($value)
{
    // Undo magic_quotes_gpc so the value is not escaped twice
    if (get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    // Escape and quote anything that is not a number
    if (!is_numeric($value)) {
        $value = "'" . mysql_real_escape_string($value) . "'";
    }
    return $value;
}

// Secure query: every interpolated value goes through smart_quote()
$sQuery = sprintf("SELECT *
                   FROM users
                   WHERE user=%s AND password=%s",
                  smart_quote($_POST['username']),
                  smart_quote($_POST['password']));
mysql_query($sQuery);
?>
I think it is better than what we have now in AppDB (didn't check it
though). If nobody looks at it, I'll check the code after my master
thesis (in one month).
Jonathan
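As an added example (not code from this thread, from php.net or from AppDB), the phpsec "filtered input" array mentioned at the top of the thread combined with the smart_quote() idea from Jonathan's snippet, ported to mysqli since the mysql_* extension no longer exists in PHP 7 and later. The table and column names, the connection parameters and the username whitelist are assumptions.

```php
<?php
// Quote/escape helper in the spirit of the snippet above, with a stricter
// integer test: is_numeric() also accepts "1e3", " 7" and (before PHP 7)
// hex strings such as "0x1A", all of which would then be inserted unquoted.
function smart_quote(mysqli $link, $value)
{
    // Plain decimal integer (optional leading minus): safe to use bare
    if (preg_match('/^-?[0-9]+$/', $value)) {
        return $value;
    }
    // Anything else becomes an escaped, quoted string literal
    return "'" . mysqli_real_escape_string($link, $value) . "'";
}

// phpsec pattern: only validated values are copied into $clean, and the
// query is built from $clean, never from $_POST directly.
$clean = array();

// Assumed policy: usernames are short and alphanumeric
if (isset($_POST['username'])
    && preg_match('/^[A-Za-z0-9_]{1,32}$/', $_POST['username'])) {
    $clean['username'] = $_POST['username'];
}
// Passwords are opaque; only bound their length
if (isset($_POST['password']) && strlen($_POST['password']) <= 128) {
    $clean['password'] = $_POST['password'];
}

if (!isset($clean['username'], $clean['password'])) {
    header('HTTP/1.1 400 Bad Request');
    exit('invalid input');
}

// Hypothetical connection parameters
$link = mysqli_connect('localhost', 'appdb_user', 'secret', 'appdb');
if ($link === false) {
    exit('database unavailable');
}

// Same shape as the snippet above; a prepared statement (mysqli_prepare)
// would remove the need for quoting altogether.
$sQuery = sprintf("SELECT * FROM users WHERE user=%s AND password=%s",
                  smart_quote($link, $clean['username']),
                  smart_quote($link, $clean['password']));
$result = mysqli_query($link, $sQuery);
?>
```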