PHP 编码安全-PHP Tutorial-php.cn

Home

Backend Development

PHP Tutorial

PHP 编码安全

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 23, 2016 pm 02:31 PM

这几天由于一个安全度较高的项目需要启动所以我也就把大部分精力放到了编码安全上面。也了解了一些PHP编码方面的安全漏洞。比如XSS攻击和SQL注入等。由于本人资历尚浅，不能尝试编写出攻击类代码，本篇文章只记录本人近几天通过学习PHP安全编码方面的一些知识来防止和降低被攻击的危险。

1.关于XSS攻击

首先我们先看一段PHP代码：

              <p class="sycode">              <    form action    =    "    <?php echo     $_SERVER    ['PHP_SELF']; ?>    "    >        <    input type    =    "    submit    "     name    =    "    submit    "     value    =    "    submit    "         />        </    form    >              </p>

目的是提交到当前页面。当我们输入http://localhost/xss/index.php的时候。页面正常的提交了。这就是我们想要的结果。

但是http://localhost/xss/index.php?a=1的时候浏览器也正常提交了。这样可就不是我们想要的了。当我们在浏览器中输入http://localhost/xss/index.php/%3E%22%3E%3Cscript%3Ealert%28%27xss%27%29%3C/script%3E

看看会发生什么事吧。没错浏览器弹出了XSS的提示框。这就表明网站存在被XSS攻击的危险了。

那么我们怎样解决这一问题呢，下面请看如下代码：

              <p class="sycode">              <    form action    =    "    <?php echo htmlspecialchars(    $_SERVER    ['PHP_SELF']); ?>    "    >        <    input type    =    "    submit    "     name    =    "    submit    "     value    =    "    submit    "         />        </    form    >              </p>

现在再次提交上面的恶意代码，这样我们是不是就避免了被攻击了呢。

htmlspecialchars 函数把一些预定义的字符转换为 HTML 实体。

2.关于SQL注入

下面先看一个例子(这个例子只是起到说明作用，无实际效果)：

              <p class="sycode">              $name         =         $_GET    [    '    username    '    ];    mysql_query    (“SELECT     *     FROM users WHERE name    =    ’{    $name    }’”);              </p>

当我们在浏览器输入http://localhost/xss/index.php?username=confusing,的时候，正常进入了SQL的SELECT语句。这是我们想要的结果。

可是当我们在浏览器中输入：http://localhost/xss/index.php?username=confusing';DELETE FROM users;

这条SQL语句就变成了:

              <p class="sycode">              SELECT         *         FROM     users     WHERE     name    =    '    confusing    '    ;    DELETE         FROM     users;              </p>

多么可怕的事情。这条语句把users表删除掉了。

那么我们怎样防止这样的事情发生呢？

1).验证输入

看下面的代码片段：

              <p class="sycode">              if (get_magic_quotes_gpc()) {              </p>              <p class="sycode">              　　$name = stripslashes($name);              </p>                    <p class="sycode">              $name         =         mysql_real_escape_string    ($_GET['username'];    );    mysql_query    (“SELECT     *     FROM users WHERE name    =    ’{    $name    }’”);              </p>

这样是不是更安全了一些呢。

还有一些比较好的PHP函数库比如我上篇提到的Ctype。都是一些验证很好的验证数据的工具。只要我们不耐其烦的认真检验用户输入的数据就能最大限度的减少被攻击的几率。

今天只写这么多，本人也在学习中。如发现更多会在本处直接更新。

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

How can you check if a PHP session has already started?Apr 30, 2025 am 12:20 AM

In PHP, you can use session_status() or session_id() to check whether the session has started. 1) Use the session_status() function. If PHP_SESSION_ACTIVE is returned, the session has been started. 2) Use the session_id() function, if a non-empty string is returned, the session has been started. Both methods can effectively check the session state, and choosing which method to use depends on the PHP version and personal preferences.

Describe a scenario where using sessions is essential in a web application.Apr 30, 2025 am 12:16 AM

Sessionsarevitalinwebapplications,especiallyfore-commerceplatforms.Theymaintainuserdataacrossrequests,crucialforshoppingcarts,authentication,andpersonalization.InFlask,sessionscanbeimplementedusingsimplecodetomanageuserloginsanddatapersistence.

How can you manage concurrent session access in PHP?Apr 30, 2025 am 12:11 AM

Managing concurrent session access in PHP can be done by the following methods: 1. Use the database to store session data, 2. Use Redis or Memcached, 3. Implement a session locking strategy. These methods help ensure data consistency and improve concurrency performance.

What are the limitations of using PHP sessions?Apr 30, 2025 am 12:04 AM

PHPsessionshaveseverallimitations:1)Storageconstraintscanleadtoperformanceissues;2)Securityvulnerabilitieslikesessionfixationattacksexist;3)Scalabilityischallengingduetoserver-specificstorage;4)Sessionexpirationmanagementcanbeproblematic;5)Datapersis

Explain how load balancing affects session management and how to address it.Apr 29, 2025 am 12:42 AM

Load balancing affects session management, but can be resolved with session replication, session stickiness, and centralized session storage. 1. Session Replication Copy session data between servers. 2. Session stickiness directs user requests to the same server. 3. Centralized session storage uses independent servers such as Redis to store session data to ensure data sharing.

Explain the concept of session locking.Apr 29, 2025 am 12:39 AM

Sessionlockingisatechniqueusedtoensureauser'ssessionremainsexclusivetooneuseratatime.Itiscrucialforpreventingdatacorruptionandsecuritybreachesinmulti-userapplications.Sessionlockingisimplementedusingserver-sidelockingmechanisms,suchasReentrantLockinJ

Are there any alternatives to PHP sessions?Apr 29, 2025 am 12:36 AM

Alternatives to PHP sessions include Cookies, Token-based Authentication, Database-based Sessions, and Redis/Memcached. 1.Cookies manage sessions by storing data on the client, which is simple but low in security. 2.Token-based Authentication uses tokens to verify users, which is highly secure but requires additional logic. 3.Database-basedSessions stores data in the database, which has good scalability but may affect performance. 4. Redis/Memcached uses distributed cache to improve performance and scalability, but requires additional matching

Define the term 'session hijacking' in the context of PHP.Apr 29, 2025 am 12:33 AM

Sessionhijacking refers to an attacker impersonating a user by obtaining the user's sessionID. Prevention methods include: 1) encrypting communication using HTTPS; 2) verifying the source of the sessionID; 3) using a secure sessionID generation algorithm; 4) regularly updating the sessionID.

See all articles

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

What's New in Windows 11 KB5054979 & How to Fix Update Issues

3 weeks agoByDDD

How to fix KB5055523 fails to install in Windows 11?

2 weeks agoByDDD

InZoi: How To Apply To School And University

4 weeks agoByDDD

How to fix KB5055518 fails to install in Windows 10?

2 weeks agoByDDD

Roblox: Dead Rails – How To Summon And Defeat Nikola Tesla

4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

SAP NetWeaver Server Adapter for Eclipse

Integrate Eclipse with SAP NetWeaver application server.

Atom editor mac version download

The most popular open source editor

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.