Posted by OmegaJunior on 02/27/07 07:41
On Tue, 27 Feb 2007 01:04:42 +0100, shror <shahirwm@gmail.com> wrote:
>
> first thing
> I have tested the radio button when I added the entire <img> tag in
> its value part and it gave me errors because of the quotes like you said.
> But then I was trying and I removed the quotes and it's working great
> without any problem. It's looking like this:
>
> <input type="radio" value="<img src=/images/button1.png>"
> name="nature">
>
> It's really working fine.
Excellent! What happens when your image name contains a space? Like
'/images/the first button.png'?
>
>
> second thing
> about securing the form: I have tested the file named 'veryhidden.txt'
> and it's not found, but I was wondering what this file is and
> what the use of it is, and how it's useful for a hacker.
As I said, you may not have a veryhidden.txt (especially since I made up
the file name), but you will have a lot of other files that may contain
passwords or other sensitive info, or may show pictures you'd rather only
show to people you select. Point is, that a hacker will take a look at
your form, then at the gallery.php, and then will come up with a fairly
simple way of getting it to show any file on your system.

They'd have to guess the file names, so let's guess... I expect your site
to have an 'index.php', maybe an 'index.html', possibly a 'default.htm'
and a 'default.asp' depending on the web server, probably a '.htaccess',
and perhaps a '.htpwd' or '.htpassword' in case you've chosen to secure
some of your directories. In case you're using a Unix or Linux server it's
possible that your mail is in your directories as well.

Imagine what would happen if you'd be running a database system that
requires you to log in with a user name and password. Some systems I know
use a file named 'config.ini' or 'config.php' for storing such
configurations. Imagine a hacker who happens to know or guess the system
you use, and then requests your gallery.php to show the contents of that
configuration file? They'd get immediate access to your password, user
name, and path to the database.
>
>
> third
> I am working on finding a secure way for the forms and will surely get
> your opinion if you don't mind.
I don't mind at all.
Some things you can do:
1) Use an indexed file system, where you number your images, and you only
pass the image numbers through your form. The gallery.php will then pick
up the selected number and use it to fetch the accompanying picture. If
you add a check to see whether the received number actually is a number
and not just some text some hacker threw together, you'd be fairly safe.
2) If you insist on passing the actual directory and file names, you may
want to apply an encoding (base-64 for instance, see the b64_encode()
function) to obfuscate the names in the form. Then decode the names in the
form handler (using b64_decode() for instance) AND check to see whether
the wanted file exists in a directory of your liking (see the real_name()
and basedir() functions), AND check to see whether it's an image file and
not something else.
>
>
> fourth and finally for now is
> to thank you for your detailed answers and your help for now and
> later :D
Much obliged! I hope it helps!
-- 
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
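As an added example (not shror's gallery.php and not code from the thread), here are the two suggestions from the reply above written as one PHP form handler: a numeric index that the server maps to a file name, and a base64-encoded name that is only accepted if it resolves inside a fixed directory and its content is an image. The directory /var/www/site/images, the image list and the parameter names id and img are assumptions.

```php
<?php
// Added example, not the thread's gallery.php: the two approaches from the
// post above, written as a form handler. Assumed layout: images live in
// /var/www/site/images; the image list and file names are constructed.

const IMAGE_DIR    = '/var/www/site/images';
const ALLOWED_MIME = ['image/png', 'image/jpeg', 'image/gif'];
const IMAGES       = [1 => 'button1.png', 2 => 'button2.png'];

// Approach 1: the form only sends a number; the server owns the file name.
function imageById(string $raw): ?string {
    if (!ctype_digit($raw)) {                  // reject anything but digits
        return null;
    }
    $id = (int) $raw;
    return isset(IMAGES[$id]) ? IMAGE_DIR . '/' . IMAGES[$id] : null;
}

// Approach 2: the form sends a base64-encoded name. Decoding is only
// obfuscation; the realpath() containment and content checks do the work.
function imageByEncodedName(string $encoded): ?string {
    $name = base64_decode($encoded, true);
    if ($name === false || $name === '' || str_contains($name, "\0")) {
        return null;                           // not a usable name
    }
    $base = realpath(IMAGE_DIR);
    $path = realpath(IMAGE_DIR . '/' . $name); // collapses '..' and symlinks
    if ($base === false || $path === false || !is_file($path)) {
        return null;                           // no such file
    }
    // Containment: the resolved path must begin with "<base>/".
    if (!str_starts_with($path, $base . DIRECTORY_SEPARATOR)) {
        return null;
    }
    // Check content, not extension: finfo reads the file's magic bytes.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($path);
    return in_array($mime, ALLOWED_MIME, true) ? $path : null;
}

// Form handler: whichever parameter the form uses, a failed check is a 404.
$path = isset($_GET['id'])
    ? imageById($_GET['id'])
    : imageByEncodedName($_GET['img'] ?? '');
if ($path === null) {
    http_response_code(404);
    exit('No such image.');
}
header('Content-Type: ' . mime_content_type($path));
readfile($path);
```

Requires PHP 8 for str_contains() and str_starts_with(); on older versions replace them with strpos() and strncmp() checks.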