Home >Backend Development >PHP Tutorial >marc by marc jacobs official website The essence of script security_PHP+MYSQL page 1/3

marc by marc jacobs official website The essence of script security_PHP+MYSQL page 1/3

WBOY
WBOYOriginal
2016-07-29 08:39:031218browse

1. Preface The existence of the problem
If you consider code security at the code level, that is, at the application level (that is, without considering the vulnerabilities of the underlying language itself), script security issues are about functions and variables. Variables directly or indirectly receive unsafe input from users. Due to the characteristics of PHP itself, it is easier to find this kind of variable confusion in PHP (many PHP programs are used to define, initialize and receive variables, which can be used directly in the program The initialization of variables such as $id is completely completed by PHP settings. If you are not careful, it may cause confusion in the variables and lead to attacks).
After a variable receives unsafe input and is used in different places without proper filtering, it may cause different harms. If you directly enter the database and display it to the user, it will lead to a cross-site scripting attack. If it is used in a SQL statement, it may lead to a SQL injection attack. These attacks have nothing to do with the specific scripting language. In various scripting languages All may exist. Since PHP variables are very flexible, if these harmful variables are used in some logical statements, it will cause the skipping of critical code such as authentication failure and skipping the initialization of some variables, causing confusion in the program logic and other vulnerabilities. If this variable is used in dangerous functions such as include, etc., of course there will be a file inclusion vulnerability. If it appears in the fopen function, it may cause a file writing vulnerability. If it appears in the mysql_query function, it will be a Sql injection vulnerability, eval and preg_replace. It may lead to the execution of code, appearing in the htmlspecia function may cause errors, and the environment in which the absolute path leak variable appears determines its possible harm.
Thinking about the existence of the problem, how to check this kind of vulnerability from the code level? Of course, being familiar with the PHP language is the most basic thing. You should also grasp functions and variables. If there are variables in dangerous functions, please determine the source of the variables, whether they are correctly initialized, and whether sensitive characters can be injected by users after initialization. Whether these sensitive characters have been completely cleared before entering the function. The difficulty in code review work may lie in determining the source of variables, which requires familiarity with PHP features and the code you are reviewing, but not all sources of variables are clearly visible, and some initialization codes may not be as clear as If you run it imaginatively, some of the things in the variables may come from places you don't want them to come from, and some variables may come from the database or system configuration files, but it is very likely that the database and configuration files have been modified before, or These variables are unsafely manipulated later and cannot be trusted. Next, we will think about the security of script code according to the ideas of variables and functions.
2 Where do the variables come from?
1 Displayed input
Calling where the variable comes from actually means where the threat comes from. If we just think about it from the web, what kind of website is the safest? Obviously, those websites that only provide static Html pages are the safest, because such websites do not interact with the browser in any way. It is like robbing an airtight bank. It is difficult to achieve, but for a large forum or script The program is different. When you log in, you need to pass variables such as username and password to the server. Even the IP address and browser you logged in to are the objects captured by the program. The process of interacting with the server is captured once, such as posting a post. Wait and you will find that the data transmission between the browser and the server may be visible to you, including the submitted form, address bar parameters, etc., but what you cannot see includes cookies, and HTTP headers are all submitted data, that is, variables. place. These places are also the original entrances for the server to process data. So how does the PHP program accept variables? All submitted variables are saved in some arrays by php, including
$_GET
$_POST
$_COOKIE
$_FILES
$_SERVER
For initial convenience and flexibility, there is such an option in php settings
register_globals
When this option is on, the variables that appear above will become a member of $GLOBALS, and can be used directly without obtaining them in the script, and will be overwritten in the order of
variables_order
. Many programs consider register_globals to be off, so they use the following code when initializing the program:
@extract(daddslashes($_POST));
@extract(daddslashes($_GET));
These codes play the role of register_globals The function is to release the contents of POST and GET as global variables, but the danger may be greater, which will be mentioned later.

Current page 1/3 123Next page

The above introduces the essence of script security of marc by marc jacobs official website_PHP+MYSQL page 1/3, including the content of marc by marc jacobs official website. I hope it will be helpful to friends who are interested in PHP tutorials.

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn