Home >Backend Development >PHP Tutorial >Analysis of security issues caused by PHP magic quotes, magic quotes_PHP tutorial

Analysis of security issues caused by PHP magic quotes, magic quotes_PHP tutorial

WBOY
WBOYOriginal
2016-07-13 10:23:271223browse

Analysis of security issues caused by PHP magic quotes, magic quotes

PHP will cause certain security issues by extracting the "" character generated by magic quotes, such as the following code snippet:

// foo.php?xigr='ryat
function daddslashes($string, $force = 0) {
!defined('MAGIC_QUOTES_GPC') && define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
if(!MAGIC_QUOTES_GPC || $force) {
if(is_array($string)) {
foreach($string as $key => $val) {
$string[$key] = daddslashes($val, $force);
}
} else {
$string = addslashes($string);
}
}
return $string;
}
...
foreach(array('_COOKIE', '_POST', '_GET') as $_request) {
foreach($$_request as $_key => $_value) {
$_key{0} != '_' && $$_key = daddslashes($_value);
}
}
echo $xigr['hi'];
// echo \

The above code originally expected to get an array variable $xigr['hi'] that has been safely processed by daddslashes(), but there is no strict type specification for the variable $xigr. When we submit a string variable $xigr= 'ryat, after the above processing, becomes 'ryat, and finally $xigr['hi'] will be output. If this variable is introduced into the SQL statement, it will cause serious security problems. Let's look at the following code. Snippet:

...
if($xigr) {
foreach($xigr as $k => $v) {
$uids[] = $v['uid'];
}
$query = $db->query("SELECT uid FROM users WHERE uid IN ('".implode("','", $uids)."')");

Using the idea mentioned above, by submitting a structural form such as foo.php?xigr[]='&xigr[][uid]=evilcode, you can easily break through GPC or similar security processing and form a SQL injection vulnerability! Sufficient attention should be paid to this!

[php learning] Teach 1 magic quote correction function

Thank you, I basically understand it. The function of this function should be: if the magic quotation mark function is turned on, remove the backslash added by it, and then use addslashes() or mysql_real_escape_string() to handle it according to the situation.

thinkphp For php magic quotes, I just need to upload a link or a picture, and it will automatically add a "/" to solve it

I want to make sure that the value you passed is added with "/". If it is "/", you can try to replace "/" with nothing in the Action.
In the past, the value I passed was added with "\", so I used stripslashes($_POST['ck']) to do it.

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/840626.htmlTechArticleAnalysis of security issues caused by PHP magic quotes. Magic quotes PHP extracts the "" characters generated by magic quotes. It brings certain security issues, such as the following code snippet: // fo...
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn