## Source code exposed
Your WEB server must be able to read your source code and execute it. This means that when the code written by anyone is run by the server, it can also read your source code. On a shared hosting, the biggest risk is that because the WEB server is shared, PHP code written by other developers can read arbitrary files.
<?php header('Content-Type: text/plain'); readfile($_GET['file']); ?>
## By running the above script on the host where your source code resides, an attacker can cause the WEB server to read and display any file by specifying the file value as a full path and file name. For example, assuming that the script is named file.php and is located on the host example.org, the contents of the file /path/to/source.php can be exposed by accessing the following link:
http://www.php.cn/
Of course, for this simple code to work, an attacker would have to know exactly where your source code is, but an attacker could write a more complex script that would allow them to browse the entire file system. For such scripts, see the examples later in this chapter.
There is no perfect solution to this problem. As discussed in Chapter 5, you must consider that all of your source code is public, even code that is stored outside of your home WEB directory.
The best approach is to keep all sensitive data in a database. While this adds an extra layer of complexity to writing some code, it's the best way to prevent your sensitive data from being exposed. Unfortunately, there is another problem. How to save your database access password?
Please look at a file named db.inc saved outside the main directory of the website:
<?php
$db_user = 'myuser';
$db_pass = 'mypass';
$db_host = 'localhost';
$db = mysql_connect($db_host, $db_user,
$db_pass);
?>
If the path to the file is known (or guessed), there is a possibility that another user on your server accesses the file and will gain database access, so that all the data you save in the database will be will be exposed.
The best solution to this problem is to save your database access permissions in a file that can only be read by system administrators in the following format:
SetEnv DB_USER "myuser"
SetEnv DB_PASS "mypass"
## SetEnv is an Apache command. The above file means to create two Apache environment variables that represent your database username and password respectively. Of course, the key to this trick is that only system administrators can read the file. If you can't log in as a system administrator, you can restrict the file to being readable only by yourself, which is a similar protection method as above.
$ chmod 600 db.conf $ ls db.conf -rw------- 1 chris chris 48 May 21 12:34 db.conf
## This effectively prevents malicious scripts from gaining access to your data, so there is no significant risk to the security of sensitive data held in the database.
For this file to work, you need to be able to access the data in it through PHP. To achieve this goal, you need to write the following inclusion sentence in httpd.conf:
Include "/path/to/db.conf"
It should be noted that this statement needs to be inserted in the VirtualHost area, otherwise other users can obtain the corresponding content.
Since the parent process of Apache runs as a system administrator (needs to bind to port 80), it is able to read the configuration file, but the child process that handles server requests (running PHP scripts) cannot read the file.
You can access these two variables through the $_SERVER super global array, so in db.inc, you only need to reference the $_SERVER variable instead of stating the database permissions:
<?php $db_user = $_SERVER['DB_USER']; $db_pass = $_SERVER['DB_PASS']; $db_host = 'localhost'; $db = mysql_connect($db_host, $db_user, $db_pass); ?>
If the file is exposed, database access will not be compromised. This is a major security improvement for shared hosting, and it is also an in-depth defense method for independent hosting.
Note that when using the above technique, database access rights are located in the $_SERVER super public array. This requires also restricting ordinary visitors from running phpinfo() to view or any other reasons that cause the contents of $_SERVER to be exposed.
Of course, you can use this technique to protect any information (not just database access), but I find it more convenient to save most data in a database, especially since this technique requires assistance from your hosting provider.
The above is the content of PHP Security-Source Code Exposure (2). For more related content, please pay attention to the PHP Chinese website (www.php.cn)!
How do you modify data stored in a PHP session?Apr 27, 2025 am 12:23 AMTomodifydatainaPHPsession,startthesessionwithsession_start(),thenuse$_SESSIONtoset,modify,orremovevariables.1)Startthesession.2)Setormodifysessionvariablesusing$_SESSION.3)Removevariableswithunset().4)Clearallvariableswithsession_unset().5)Destroythe
Give an example of storing an array in a PHP session.Apr 27, 2025 am 12:20 AMArrays can be stored in PHP sessions. 1. Start the session and use session_start(). 2. Create an array and store it in $_SESSION. 3. Retrieve the array through $_SESSION. 4. Optimize session data to improve performance.
How does garbage collection work for PHP sessions?Apr 27, 2025 am 12:19 AMPHP session garbage collection is triggered through a probability mechanism to clean up expired session data. 1) Set the trigger probability and session life cycle in the configuration file; 2) You can use cron tasks to optimize high-load applications; 3) You need to balance the garbage collection frequency and performance to avoid data loss.
How can you trace session activity in PHP?Apr 27, 2025 am 12:10 AMTracking user session activities in PHP is implemented through session management. 1) Use session_start() to start the session. 2) Store and access data through the $_SESSION array. 3) Call session_destroy() to end the session. Session tracking is used for user behavior analysis, security monitoring, and performance optimization.
How can you use a database to store PHP session data?Apr 27, 2025 am 12:02 AMUsing databases to store PHP session data can improve performance and scalability. 1) Configure MySQL to store session data: Set up the session processor in php.ini or PHP code. 2) Implement custom session processor: define open, close, read, write and other functions to interact with the database. 3) Optimization and best practices: Use indexing, caching, data compression and distributed storage to improve performance.
Explain the concept of a PHP session in simple terms.Apr 26, 2025 am 12:09 AMPHPsessionstrackuserdataacrossmultiplepagerequestsusingauniqueIDstoredinacookie.Here'showtomanagethemeffectively:1)Startasessionwithsession_start()andstoredatain$_SESSION.2)RegeneratethesessionIDafterloginwithsession_regenerate_id(true)topreventsessi
How do you loop through all the values stored in a PHP session?Apr 26, 2025 am 12:06 AMIn PHP, iterating through session data can be achieved through the following steps: 1. Start the session using session_start(). 2. Iterate through foreach loop through all key-value pairs in the $_SESSION array. 3. When processing complex data structures, use is_array() or is_object() functions and use print_r() to output detailed information. 4. When optimizing traversal, paging can be used to avoid processing large amounts of data at one time. This will help you manage and use PHP session data more efficiently in your actual project.
Explain how to use sessions for user authentication.Apr 26, 2025 am 12:04 AMThe session realizes user authentication through the server-side state management mechanism. 1) Session creation and generation of unique IDs, 2) IDs are passed through cookies, 3) Server stores and accesses session data through IDs, 4) User authentication and status management are realized, improving application security and user experience.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
EditPlus Chinese cracked version
Small size, syntax highlighting, does not support code prompt function
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
