Php general anti-injection and injection

Php universal anti-injection is mainly used to filter some SQL commands and php post get for reference. We/want to filter out some illegal characters, which can prevent basic injection, it is also necessary to install and set the apache server. Both the administrator username and password are encrypted using md5, which effectively prevents php injection.

Php tutorial general anti-InjectionIt mainly filters some SQL commands and php post get for reference. We/want to filter out some illegal characters, which can prevent basic injection, it is also necessary to install and set the apache server. Both the administrator username and password are encrypted using md5, which effectively prevents php injection.
The server and mysql tutorials also require enhanced security.
For linux Server Security Settings:
Use the "/usr/sbin/authconfig" tool to enable the password shadow function and encrypt the password.
Prohibit access to important files. Go to the linux Command interface and enter:
# Chmod 600/etc/inetd. conf // change the file attribute to 600
# Chattr + I/etc/inetd. conf // ensure that the file owner is root
# Chattr-I/etc/inetd. conf // restrict changes to this file
Prohibit any user from changing to a root user through the su command
Add the following two lines at the beginning of the su configuration file/etc/pam. d:
Auth sufficient/lib/security/pam_rootok.so debug
Auth required/lib/security/pam_whell.so group = wheel
Delete all special accounts
# Deleting users such as userdel lp
# Delete groups such as groupdel lp
Disable unused suid/sgid programs
# Find/-type f (-perm-04000-o-perm-02000)-execls-lg {};

$ Arrfiltrate = array ("'", ";", "union", "select", "insert", "update", "delete", "load_file ", "outfile ");

// Url to jump after an error

$ Strgourl = "";

Function funstringexist ($ strfiltrate, $ arrfiltrate)
{
Foreach ($ arrfiltrate as $ key => $ value)
{
If (eregi ($ value, $ strfiltrate ))
{
Return true;
}
}
Return false;
}

// Merge $ _ post, $ _ get, and $ _ cookie

If (function_exists (array_merge ))
{
$ Arrpostgetcookiesession = array_merge ($ http_post_vars, $ http_get_vars, $ http_cookie_vars );
$ String = implode ("", $ arrpostgetcookiesession );
}

// Verify

If (funstringexist ($ string, $ arrfiltrate ))
{
Echo "<script language =" webpage effect "> alert (" prompt, invalid character "); </script> ";
}
Else
{
Echo "<script language =" javascript "> window. location =" ". $ strgourl." "; </script> ";
}

Section 2 anti-injection instance

Php general anti-injection Security Code
Note:
Determines whether the passed variable contains invalid characters.
Such as $ _ post and $ _ get
Function:
Anti-Injection
**************************/
// Invalid characters to be filtered
$ Arrfiltrate = array ("'", ";", "union ");
// The url to be redirected after an error occurs. If this parameter is left blank, the previous page is displayed by default.
$ Strgourl = "";
// Whether the value in the array exists
Function funstringexist ($ strfiltrate, $ arrfiltrate ){
Foreach ($ arrfiltrate as $ key => $ value ){
If (eregi ($ value, $ strfiltrate )){
Return true;
}
}
Return false;
}
// Merge $ _ post and $ _ get
If (function_exists (array_merge )){
$ Arrpostandget = array_merge ($ http_post_vars, $ http_get_vars );
} Else {
Foreach ($ http_post_vars as $ key => $ value ){
$ Arrpostandget [] = $ value;
}
Foreach ($ http_get_vars as $ key => $ value ){
$ Arrpostandget [] = $ value;
}
}
// Verification starts
Foreach ($ arrpostandget as $ key => $ value ){
If (funstringexist ($ value, $ arrfiltrate )){
Echo "alert (/" neeao prompt, invalid character /");";
If (empty ($ strgourl )){
Echo "history. go (-1 );";
} Else {
Echo "window. location =/" ". $ strgourl ."/";";
}
Exit;
}
}

Let's take a look at the injection details.

Converted to ascii is char (97,108,112,104, 97)
The hexadecimal value is 0x616c706861.
(We will provide hexadecimal and ascii conversion tools on the CD)
All right, enter the following in the browser:

Http: // localhost/site/admin/login. php?
Username = char (97,108,112,104, 97) % 23

The SQL statement is changed:

Select * from alphaaut

Hor where username = char (97,108,112,104, 97) # and password =

21

As we expected, he ran smoothly and we got what we wanted.
Of course, we can also construct

Http://www.bKjia. c0m/site/admin/login. php? Username = 0x616c706861% 23

The SQL statement is changed:

Select * from alphaauthor where username
= 0x616c706861% 23 # and password =

Once again we were successful. Have a sense of accomplishment,

Maybe you will ask if we can put # In char ().
Actually char (97,108,112,104, 97) is equivalent to alpha
Note that quotation marks are added to alpha to indicate the alpha string.
We know that if you execute

Mysql> select * from dl_users where username = alpha;
Error 1054 (42s22): unknown column alpha in where clause

An error is returned. Because he thinks alpha is a variable. So we have to put quotation marks on alpha.
As follows:

Mysql> select * from dl_users where username = alpha;