PHP, security and features


Pyro

While making some basic PHP-code for a site, I've created this small script:

//This script has been modified, variables have been changed/removed for security reason.
<?
mysql_connect($host,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");

$query="SELECT * FROM info";
$result=mysql_query($query);

mysql_close();

$article = $_GET["article"];

$content=mysql_result($result,$article,"content");
echo "$content";

?>

What it does is use the URL (like if you enter hi.php?article=5 it will find article number 5) to get the right document from the database. However, I'm a bit concerned about security. My knowledge of PHP is a bit lacking, basically I can create a script like this and mod phpbb, but that's about it. Are there any obvious security flaws in this way of using a database?

Beyond that, I'd like to tweak it a bit.

At the moment, the table it uses looks like this:

ID | CONTENT
0 | Blabla
1 | Blabla
2 | Blabla

Et cetera. When I use the above script to get an article, the script does not get the article that has the relevant ID number, it gets the article with that position in the table. Now, they are both the same so it doesn't matter, but it's a bit inconvenient for those times when I need to make changes to it. Is there a simple way to make it go by the ID column instead of location in the table?

Cheers.

If you make it $article = intval($_GET["article"]); instead, it'll convert the $_GET value into a number... Any text would get the number 0, so if a hacker would try to use an injection here, it wouldn't work... It's the same method used on tip.it, and we haven't been (that way) hacked yet ;)

And about the selection thing...

//This script has been modified, variables have been changed/removed for security reason.
<?
$article = intval($_GET["article"]);

mysql_connect($host,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");

$query = "SELECT * FROM info WHERE id = ".$article;
$result = mysql_query($query);

while ($myrow = mysql_fetch_array($result)) {
print $myrow['content'];
}

mysql_close();

?>

Also, make ID a primary key field.
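
An added example, not code from any of the posts above: the lookup by ID column with strict integer validation and a bound parameter, written against PDO because the mysql_* functions used in the thread were removed in PHP 7.0. The in-memory SQLite database, the sample rows and the function names parseArticleId and fetchArticle are assumptions made for illustration.

```php
<?php
// Added example. The schema and rows below are constructed; SQLite in memory keeps it offline.
declare(strict_types=1);

// Return the id as an int, or null unless the raw value is a plain integer >= 0.
function parseArticleId($raw): ?int
{
    // FILTER_VALIDATE_INT rejects "5abc", "abc", "" and arrays outright,
    // where intval() would quietly return 5, 0, 0 and 1.
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
    return $id === false ? null : $id;
}

// Fetch one article by its ID column (not by row position); null when no such row.
function fetchArticle(PDO $db, int $id): ?string
{
    // The id is bound as a parameter, so it never becomes part of the SQL text.
    $stmt = $db->prepare('SELECT content FROM info WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $content = $stmt->fetchColumn();
    return $content === false ? null : (string) $content;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// id is the primary key, and the ids deliberately differ from the row positions.
$db->exec('CREATE TABLE info (id INTEGER PRIMARY KEY, content TEXT NOT NULL)');
$db->exec("INSERT INTO info (id, content) VALUES (0, 'First'), (2, 'Third'), (5, 'Sixth')");

// Constructed stand-ins for $_GET["article"].
foreach (['5', '2', '1', '5abc', 'abc', '0 OR 1=1', ['5']] as $raw) {
    $id = parseArticleId($raw);
    if ($id === null) {
        $out = 'rejected: not an integer id';
    } else {
        $out = fetchArticle($db, $id) ?? 'no article with that id';
    }
    printf("%-12s => %s\n", json_encode($raw), $out);
}
```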