Re: [PHP] Password Protection] -- My solution

Posted by Christophe Chisogne on 02/18/05 11:01

Mailit, LLC wrote:
> $userName = $_POST[userName];
> $passw = $_POST[passw];
> (...)
> $cmd = "SELECT * FROM theTable "
> . "WHERE userName='$userName' ";
> $res = mysql_query( $cmd ) or die( "Password search failed." );

Without validating userName in $_POST, that code is vulnerable
to SQL injection, for example if userName starts with a single quote...

See the PHP Security Guide on 'SQL Injection'
http://phpsec.org/projects/guide/3.html#3.2

> $passe = crypt( $passw, $rec[ePass] );
> if( $passe == $rec[ePass] )

It seems that the above vulnerability can't be exploited,
but I think it's better to be aware of it.

Christophe
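The following is an added example, not part of the thread above and not code from Mailit or Christophe. It reproduces the shape of the quoted PHP (a user name interpolated into the SQL text, then a salted-hash comparison) in Python against an in-memory SQLite table that stands in for "theTable". PBKDF2 stands in for PHP's crypt(); the table and the two sample accounts are constructed. A legitimate name containing an apostrophe is enough to break the interpolated query, while the bound-parameter version handles it and the password check still runs afterwards.

```python
import hashlib
import hmac
import os
import sqlite3

PBKDF2_ROUNDS = 50_000  # assumption: iteration count for the stand-in hash


def hash_password(password, salt=None):
    # Salted PBKDF2 stored as "salt$digest"; a stand-in for crypt() on the page.
    salt = salt or os.urandom(8).hex()
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), salt.encode(), PBKDF2_ROUNDS
    ).hex()
    return f"{salt}${digest}"


def verify_password(password, stored):
    # Recompute with the stored salt and compare in constant time.
    salt, _ = stored.split("$", 1)
    return hmac.compare_digest(hash_password(password, salt), stored)


def make_db():
    # Constructed sample table standing in for the page's "theTable".
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE theTable (userName TEXT PRIMARY KEY, ePass TEXT)")
    for name, pw in [("alice", "correct horse"), ("O'Brien", "battery staple")]:
        db.execute("INSERT INTO theTable VALUES (?, ?)", (name, hash_password(pw)))
    db.commit()
    return db


def lookup_vulnerable(db, user_name):
    # Mirrors the quoted PHP: the name becomes part of the SQL text itself,
    # so any quote character in it changes how the statement is parsed.
    cmd = f"SELECT userName, ePass FROM theTable WHERE userName='{user_name}' "
    return db.execute(cmd).fetchall()


def lookup_safe(db, user_name):
    # Bound parameter: the value is passed to the driver separately from
    # the SQL text and is never parsed as SQL.
    return db.execute(
        "SELECT userName, ePass FROM theTable WHERE userName=?", (user_name,)
    ).fetchall()


def login(db, user_name, password, lookup=lookup_safe):
    # Same flow as the page: look the user up, then check the password hash.
    rows = lookup(db, user_name)
    if len(rows) != 1:
        return False
    return verify_password(password, rows[0][1])


def demo():
    db = make_db()
    results = {}
    results["safe_obrien"] = login(db, "O'Brien", "battery staple")
    results["safe_wrong_pw"] = login(db, "alice", "nope")
    results["safe_unknown"] = login(db, "nobody", "x")
    try:
        lookup_vulnerable(db, "O'Brien")
        results["vulnerable_obrien"] = "ok"
    except sqlite3.OperationalError:
        # The apostrophe ends the string literal early; SQLite rejects the rest.
        results["vulnerable_obrien"] = "sql error"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The interpolated query fails on the user named O'Brien with a syntax error, which is the same class of problem Christophe describes: the input is being read as SQL. The parameterized lookup returns that row normally and the hash comparison decides the outcome.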
