PHP coding security

PHP coding security I have put most of my energy into coding security because a highly secure project needs to be started over the past few days. I also learned about some security vulnerabilities in PHP coding. For example, XSS attacks and SQL injection. I am not qualified to write attack code. This article only records my knowledge about PHP security coding in recent days to prevent and reduce the risk of attacks.

1. XSS attacks

First, let's look at a piece of PHP code:

              
              <    form action    =    "    
      "    >        <    input type    =    "    submit    "     name    =    "    submit    "     value    =    "    submit    "         />        
                

The purpose is to submit to the current page. When we enter http: // localhost/xss/index. php. The page is submitted normally. This is what we want.

But http: // localhost/xss/index. php? When a = 1, the browser also submits normally. This is not what we want. When we enter http: // localhost/xss/index. php/% 3E % 22% 3E % 3 Cscript % 3 Ealert % 28% 27xss % 27% 29% 3C/script % 3E in the browser

Let's see what will happen. The prompt box for XSS is displayed in the browser. This indicates that the website is vulnerable to XSS attacks.

So how can we solve this problem? See the following code:

              
              <    form action    =    "    
      "    >        <    input type    =    "    submit    "     name    =    "    submit    "     value    =    "    submit    "         />        
                

Now, submit the above malicious code again, so that we can avoid being attacked.

The htmlspecialchars function converts some predefined characters into HTML objects.

2. SQL injection

Let's take a look at an example (this example only serves as an illustration and has no practical effect ):

              
              $name         =         $_GET    [    '    username    '    ];    mysql_query    (“SELECT     *     FROM users WHERE name    =    ’{    $name    }’”);              

When we enter http: // localhost/xss/index. php in the browser? Username = confusing. Normally, the SELECT statement of SQL is entered. This is what we want.

But when we enter: http: // localhost/xss/index. php in the browser? Username = confusing '; delete from users;

This SQL statement becomes:

              
              SELECT         *         FROM     users     WHERE     name    =    '    confusing    '    ;    DELETE         FROM     users;              

What a terrible thing. This statement deletes the users table.

So how can we prevent such incidents from happening?

1). verify input

See the following code snippet:

              
              if (get_magic_quotes_gpc()) {              
              
              　　$name = stripslashes($name);              
                    
              $name         =         mysql_real_escape_string    ($_GET['username'];    );    mysql_query    (“SELECT     *     FROM users WHERE name    =    ’{    $name    }’”);              

Is it safer.

There are also some better PHP function libraries, such as the Ctype I mentioned above. These tools are used to verify data. We can minimize the chance of being attacked as long as we carefully test the user input data.

I only write so much today, and I am still learning. If more information is found, it will be directly updated here.