
PHP session anti-url attack method_PHP tutorial

WBOY (original), 2016-07-13 17:09:56

Consider reset.php reached with this URL:

http://example.org/reset.php?user=php&email=chris%40example.org

If reset.php trusts the information provided by the user, this is a semantic URL attack vulnerability. In this case, the system will generate a new password for the php account and send it to chris@example.org, so chris successfully steals the php account.

Session tracking can easily avoid this situation: the account to reset is taken from the session, never from the URL.

<?php
session_start();
$clean = array();
/* Only accept a syntactically valid address (\s and \. must be escaped) */
$email_pattern = '/^[^@\s<&>]+@([-a-z0-9]+\.)+[a-z]{2,}$/i';
if (preg_match($email_pattern, $_POST['email']))
{
    $clean['email'] = $_POST['email'];
    /* The account comes from the authenticated session, not from user input */
    $user = $_SESSION['user'];
    $new_password = md5(uniqid(rand(), TRUE));
    if ($_SESSION['verified'])
    {
        /* Update the password for $user here, then send it */
        mail($clean['email'], 'Your New Password', $new_password);
    }
}
?>
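As an added example (not the article's own code), the script below puts a hypothetical URL-trusting reset.php handler beside a session-based one and runs both against the request from the URL above. The function names, the `verified` session flag and the returned arrays are assumptions; nothing is actually mailed, each handler just returns what it would do, so the script runs offline.

```php
<?php
declare(strict_types=1);

// Added example, not the article's code. Two hypothetical reset.php handlers:
// one that trusts the user= query parameter, one that takes the account from
// the session. Nothing is mailed; each returns what it *would* do.

const EMAIL_PATTERN = '/^[^@\s<&>]+@([-a-z0-9]+\.)+[a-z]{2,}$/i';

// Vulnerable pattern: the account whose password is reset, and the address the
// new password goes to, both come straight from the URL.
function reset_trusting_url(array $get): ?array
{
    if (!isset($get['user'], $get['email']) || !preg_match(EMAIL_PATTERN, $get['email'])) {
        return null;
    }
    return ['account' => $get['user'], 'send_to' => $get['email']];
}

// Hardened pattern: the account comes from the authenticated session, and the
// reset only proceeds once the session has been marked verified (for example
// after the user answered a security question on an earlier step).
function reset_using_session(array $session, array $post): ?array
{
    if (empty($session['user']) || empty($session['verified'])) {
        return null; // not logged in or not verified: refuse, whatever the URL says
    }
    if (!isset($post['email']) || !preg_match(EMAIL_PATTERN, $post['email'])) {
        return null; // malformed address
    }
    // random_bytes() is a CSPRNG; md5(uniqid(rand(), true)) is not.
    $new_password = bin2hex(random_bytes(16));
    return ['account' => $session['user'], 'send_to' => $post['email'], 'password' => $new_password];
}

// Constructed request built from the article's URL.
parse_str('user=php&email=chris%40example.org', $query);

// The URL-trusting handler lets the requester choose which account is reset.
$vuln = reset_trusting_url($query);
printf("URL-trusting handler: resets '%s', mails %s\n", $vuln['account'], $vuln['send_to']);

// The session handler ignores user= entirely: whoever is logged in is reset.
$safe = reset_using_session(['user' => 'chris', 'verified' => true], ['email' => $query['email']]);
printf("Session handler: resets '%s', mails %s\n", $safe['account'], $safe['send_to']);

// Without a verified session the handler does nothing at all.
var_dump(reset_using_session([], ['email' => $query['email']]));
```

Run it with `php reset_example.php`. The point to take from the two handlers is where the account name originates: in the first it is attacker-controlled input from the query string, in the second it is server-side session state that the request cannot influence.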
