Posted by Jerry Stuckle on 09/29/69 12:01
MZ wrote:
>
> Użytkownik "Jerry Stuckle" <jstucklex@attglobal.net> napisał w
> wiadomości news:4YWdnYxNTt_OfAHanZ2dnUVZ_gadnZ2d@comcast.com...
>> MZ wrote:
>>> Hello!
>>>
>>> How do I prevent such an attack attempt on the website?
>>>
>>>
>>> http://www.domain.com/index.php?id=%3Cscript%3Ealert(document.cookie);%3C/script%3E
>>> Thank you in advance for help
>>> M.
>>>
>>>
>>>
>>
>> As in your other question, there is no inherent vulnerability in PHP
>> for this.
>>
>> But this is also javascript, not PHP, and PHP doesn't execute javascript.
>>
>
> Yes, I knew it is JavaScript code, but I asked because if there were a
> problem, the problem would be in PHP.
>
And exactly what would the PHP problem be? PHP doesn't execute JavaScript.
> I also have one more question for you:
>
> If I have parameter which is a number and send it by GET method, i.e.
>
> www.domain.com/index.php?id=1
>
> Can you tell me whether such PHP protection would be sufficient for
> such a URL:
>
> if ($_GET["id"] > 0 && $_GET["id"] < 99999999999 && is_numeric($_GET["id"]))
> {
>     // then execute the following code:
>     // check whether the database has a record with id = 1; if so,
>     // execute the rest of the code
> }
> else
> {
>     // do not execute the code
> }
>
> 99999999999 is the max value because it is declared as BIGINT(11)
>
> Thank you for your help
> M.
>
No, it's not.
First of all, you need to check to see if it's numeric BEFORE the other
tests. But if it's an integer id, then you need to ensure the value is
an integer - for instance:
$id = intval($_GET['id']);
if (strval($id) != $_GET['id']) {
    // not a plain integer: reject the request
}
Google for SQL Injection to get some other ideas.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
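Putting the two answers in this thread together in working code. This is an added example, not code from either poster: it applies Jerry's intval/strval round-trip check (with MZ's 99999999999 upper bound kept as the page gives it), then uses the validated id only through a PDO prepared statement, and escapes anything reflected into HTML so a value like `<script>alert(document.cookie);</script>` is rendered as text rather than executed. The table name `items`, the column `title`, the function names and the SQLite sample data are all assumptions made for the example; it assumes PHP 8 on a 64-bit build (so 99999999999 fits in an int) with the pdo_sqlite extension.

```php
<?php
declare(strict_types=1);

// Added example (not from the original thread). Assumed names: validId(),
// handleRequest(), table "items" with columns id and title.

const MAX_ID = 99999999999; // MZ's stated bound from the thread (64-bit int assumed)

/**
 * Return the id as an int when $raw is a canonical positive integer in
 * [1, MAX_ID], otherwise null. The string round-trip (Jerry's check)
 * rejects "01", " 1", "+1", "1.0", "1e3", "0x1A" and "1 OR 1=1", several
 * of which is_numeric() or a bare (int) cast would accept.
 */
function validId(mixed $raw): ?int
{
    if (!is_string($raw)) {
        return null;                       // missing, or ?id[]=1 (an array)
    }
    $id = intval($raw);                    // clamps huge values, strips junk
    if (strval($id) !== $raw) {
        return null;                       // the string was not a plain integer
    }
    if ($id < 1 || $id > MAX_ID) {
        return null;                       // outside the column's expected range
    }
    return $id;
}

/** Escape a string for insertion into HTML text or attribute content. */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

/**
 * Handle one request. Returns [HTTP status, HTML body] instead of echoing
 * so the function is easy to exercise from the command line.
 */
function handleRequest(array $get, PDO $db): array
{
    $raw = $get['id'] ?? '';
    $id  = validId($raw);
    if ($id === null) {
        // Reflecting the rejected value is only safe because it is escaped:
        // a <script> tag becomes "&lt;script&gt;..." and is never executed.
        return [400, '<p>Invalid id: ' . h(is_string($raw) ? $raw : '') . '</p>'];
    }

    // The id travels to the database as a bound integer parameter, never
    // as part of the SQL text, so it cannot alter the query.
    $stmt = $db->prepare('SELECT id, title FROM items WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return [404, '<p>No record with id ' . $id . '</p>'];
    }

    // Database content is untrusted for HTML purposes too: escape on output.
    return [200, '<h1>' . h($row['title']) . '</h1>'];
}

// Constructed sample data so the example runs offline (SQLite in memory).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE items (id INTEGER PRIMARY KEY, title TEXT NOT NULL)');
$db->exec("INSERT INTO items (id, title) VALUES (1, 'First <b>item</b>')");

$samples = [
    '1',                                          // valid
    '2',                                          // valid, no such row
    '01',                                         // not canonical
    '1 OR 1=1',                                   // is_numeric-style bypass attempt
    '<script>alert(document.cookie);</script>',   // the URL from the thread
    '99999999999999',                             // above MAX_ID
];
foreach ($samples as $raw) {
    [$status, $html] = handleRequest(['id' => $raw], $db);
    printf("%-45s -> %d %s\n", $raw, $status, $html);
}
```

Note that the range check comes after the integer check, which is the ordering Jerry asks for: comparing `$_GET["id"] > 0` first, as in MZ's version, performs a loose comparison on a string and says nothing about whether the value is actually an integer.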