php安全简析

WBOY
WBOYOriginal
2016-06-23 14:30:28934browse

第一章 简介

  1>  原则
    深度防范
    最小权限
    简单就是美
    暴露最小化

  2>方法

    平衡风险与可用性

    跟踪数据

    过滤输入
    输出转义

 

 

//****防止表单提交骗术
session_start();
$_SESSION['token'] = md5(uniqid(mt_rand(), true));

 

//*****初始化一个用于保存过滤数据数组。

 

$clean = array();

 

if(ctype_alpha($_POST['name'])){
$clean['name'] = $_POST['name'];
}else{

 

//错误
}
//****避免跨站点脚本
/*使用真确的字符编码*/
header('Content-Type:text/heml; charset=UTF-8');
/*为保存转义后的数据初始化一个数组*/
$html = array();
$html['username'] = htmlentities($clean['username'], ENT_QUOTES,'UTF-8');

 

//****避免SQL注入
/*使用PDO之类的数据库来针对你的数据库进行适当的转义*/
$db = new PDO('mysql:host=localhost;dbname=users',$_SERVER['DB_USER'],$_SERVER['DB_PASSWORD']);
$statement = $db->prepare("INSERT INTO user (username, password) VALUES (:username, :password)");
$statement->bindParam(':username',$clean['username']);
$statement->bindParam(':password',$clean['password']);
$statement->execute();
$db = NULL;

安全的 PHP 表单处理代码


$okay = 0;
$username = $_POST['user'];
$pw = $_POST['pw'];

$sql = "select count(*) as ctr from users where 
username='".mysql_real_escape_string($username)."' 
and password='". mysql_real_escape_string($pw)."' limit 1"; 

$result = mysql_query($sql);

while ($data = mysql_fetch_object($result)){
if ($data->ctr == 1){
//they're okay to enter the application!
$okay = 1;
}
}

if ($okay){
$_SESSION['loginokay'] = true;
header("index.php");
}else{
header("login.php");
}
?>

 


//****将密码置于站点文件外部
mysql_connect('localhost' , $_SERVER['DB_USER'], $_SERVER['DB_PASSWORD']);

 

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:php后台运行Next article:php中的$_REQUEST