•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the PHP section within the Web Development category of DaniWeb, a massive community of 363,830 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 4,113 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our PHP advertiser: Lunarpages PHP Web Hosting
Views: 725 | Replies: 16 | Solved
 |
•
•
Join Date: May 2008
Posts: 23
Reputation: 
Rep Power: 1
Solved Threads: 0
Newbie Poster
actually in the form submission i am writing the code like
when i chaged the same code in like,
after the above change, it run fine...
<form method="POST" action="reply.php">
when i chaged the same code in like,
<form id="reply" name="reply" method="post" action="reply.php?id=<?php $q_id=$_GET['id']; echo "$q_id";?>">
after the above change, it run fine...
•
•
Join Date: Nov 2007
Location: Bangalore, India
Posts: 2,895
Reputation:
Rep Power: 7
Solved Threads: 211
ah! cool..
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.
*PM asking for help will be ignored*
*PM asking for help will be ignored*
•
•
Join Date: May 2008
Posts: 31
Reputation:
Rep Power: 1
Solved Threads: 5
Light Poster
•
•
•
•
Originally Posted by nav33n 
No.. That wouldn't be a problem.. You can pass an integer like a string, but not vice-versa.
I still believe its the form action which was causing the problem!
yea tacking get variables onto a form action is very bad form(no pun intended). Put the data in a hidden field or session and read it out of the appropriate array.
Anyone in the IT industry should get nervous when they see form variables or id's on query string. That stuff gets logged in some proxies (even over https in some cases) and if the proxy gets comprimised, so does your user that went through it, SSL notwithstanding. If the data is private or session related, use POST for form data and secure cookies for the session.
I had to rewrite session handling on a legacy app, after the whitehats pointed it out to me during an EH. The app was poorly designed and it took over a week to find it all in the source.
Last edited by rgviza : May 15th, 2008 at 3:15 pm.
•
•
Join Date: May 2008
Posts: 23
Reputation:
Rep Power: 1
Solved Threads: 0
Newbie Poster
thank you rgviza, but plz can you suggest me any tutorial about the matter.....
•
•
Join Date: Nov 2007
Location: Bangalore, India
Posts: 2,895
Reputation:
Rep Power: 7
Solved Threads: 211
Well, rgviza is saying, instead of having id in the action, pass the value of id in a hidden field. Access id value as $_POST['id'] instead of $_GET['id'].
ie.,
instead of
ie.,
instead of
<form method="post" action="test.php?id=1">
do, <form method="post" action="test.php"> <input type="hidden" name="id" value="1">
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.
*PM asking for help will be ignored*
*PM asking for help will be ignored*
•
•
Join Date: May 2008
Posts: 23
Reputation:
Rep Power: 1
Solved Threads: 0
Newbie Poster
thank you nav33n for your great help....
•
•
Join Date: May 2008
Posts: 31
Reputation:
Rep Power: 1
Solved Threads: 5
Light Poster
•
•
•
•
Originally Posted by servis
thank you rgviza, but plz can you suggest me any tutorial about the matter.....
I learned it by EH and advice from experienced penetration testers. people compromise proxies and search the logs for qstring vars sent from forms. Some proxies log the data, even over ssl. When they get compromised an attacker will tail the log and look for session ids, credit card numbers etc. While the chances of useful info being pulled about _your_ site is pretty small from any given proxy, if one of your user's proxy servers gets hit, your user will be comprimised if the attacker is interested in their account.
Sending anything on query string that could be considered private, or is a session id is very dangerous with or without SSL. Apply that to whatever you do. Anyone can hijack a session once they have a valid id. It's not the ssl communication they are breaking, it's the proxy.
For session IDs use an https secured cookie. It's pretty easy to secure against this type of threat. The https cookie values and POST variables don't get logged.
Here's some good stuff.
This is a set of web application security guidelines. While not complete, it's a great start. At the bottom of the page are other great links.
-r
Last edited by rgviza : May 16th, 2008 at 11:35 am.
|
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
•
•
•
•
•
•
•
•
DaniWeb PHP Marketplace
Linear Mode
•
•
•
•
age amd avatar blue gene business chips database development dos economy energy enterprise environment hardware ibm ibm. news intel ibm it linux medicine memory microsoft news office open source openoffice pc ps3 recession red hat remote working russia security sex sun supercomputer supercomputing technology trends ubuntu working x86
- Problem with $_GET variable (PHP)
- datagrid working but php_self problem (PHP)
- PHP / SQL Delete From Statement Not working with URL? (PHP)
- mysql DELETE not working (PHP)
- URL with query is not working... (PHP)
- AJAX not working on firefox (JavaScript / DHTML / AJAX)
- echo not working (PHP)
- UPDATE query not working properly... (PHP)
- Pray for help on mod_rewrite rule (Linux Servers and Apache)
Other Threads in the PHP Forum
- Previous Thread: Write a one echo statment from html
- Next Thread: help needed for my update.....
