#18524 09/24/05 10:14 AM
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Learner's Picks:
You will need the following (assuming you know HTML, XHTML, XML, or some markup to display data)

date
http://us2.php.net/manual/en/function.date.php

sessions(login auth)
http://us2.php.net/manual/en/function.session-start.php
http://us2.php.net/manual/en/function.session-is-registered.php
http://us2.php.net/manual/en/function.session-unregister.php
http://us2.php.net/manual/en/function.session-unset.php

MySQL db functions(unless of course you want to learn a different db)
http://us2.php.net/manual/en/function.mysql-connect.php
http://us2.php.net/manual/en/function.mysql-close.php
http://us2.php.net/manual/en/function.mysql-query.php
http://us2.php.net/manual/en/function.mysql-fetch-array.php
http://us2.php.net/manual/en/function.mysql-fetch-assoc.php

MySQL links
http://dev.mysql.com/doc/mysql/en/delete.html
http://dev.mysql.com/doc/mysql/en/insert.html
http://dev.mysql.com/doc/mysql/en/update.html

Gizmo's Picks:
arrays:
http://us2.php.net/manual/en/function.array.php
http://us2.php.net/manual/en/ref.array.php

file_exists:
http://us2.php.net/manual/en/function.file-exists.php

file:
http://us2.php.net/manual/en/function.file.php

fopen/fclose:
http://us2.php.net/fopen
http://us2.php.net/manual/en/function.fclose.php

fsockopen:
http://us2.php.net/manual/en/function.fsockopen.php

other disk/file functions:
http://us2.php.net/manual/en/function.disk-free-space.php
http://us2.php.net/manual/en/function.disk-total-space.php
http://us2.php.net/manual/en/function.chmod.php
http://us2.php.net/manual/en/function.copy.php
http://us2.php.net/manual/en/function.delete.php
http://us2.php.net/manual/en/function.filesize.php
http://us2.php.net/manual/en/function.filetype.php
http://us2.php.net/manual/en/function.flock.php
http://us2.php.net/manual/en/function.is-writable.php
http://us2.php.net/manual/en/function.touch.php

BTW, if you're going to go off playing with MySQL you should also look into:

http://us2.php.net/manual/en/function.str-replace.php
http://us2.php.net/manual/en/function.stripslashes.php
http://us2.php.net/manual/en/function.strip-tags.php

so you don't go and get yourself owned...

Coding for Security:
Trust nothing from the user. Code every form as if you know a hacker is coming at it. Also safeguard from URL submissions. Remember the GET method. If someone views source on your form they will see all variables that will be passed. Even if you are using POST, they can mess with the URL and try submitting malicious code that way.

1.) Code like register_globals is off.
http://us2.php.net/variables.external

2.) Make sure the user came from the page the form is on. See the predefined variables:
http://us2.php.net/manual/en/reserved.variables.php#reserved.variables.request

Here is a function snagged from PHP.net to make sure your forms are secure.
PHP Code

<?php

function form_post_check()
{
    // get the referring URL (it can be absent, so default to an empty string instead of raising a notice)
    $referring_url = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $host = $_SERVER['HTTP_HOST']; // get the host header from the current request (example: www.yoursite.com)
    $valid_url = 'http://'.$host.'/'; // finish defining a valid referring URL
    $valid_len = strlen( $valid_url ); // get the length of the valid url

    // if the valid url isn't the first part of the referring url
    if ( substr( $referring_url, 0, $valid_len ) != $valid_url )
    {
        die( 'You submitted this form from an invalid URL.' ); // stop everything and display a message
    }
}

?>
Useful Links:
If you are going into MySQL get very used to reading the manual on their site.
http://dev.mysql.com/doc/mysql/en/tutorial.html

Also see their forums
http://forums.mysql.com/

for their PHP forum
http://forums.mysql.com/list.php?52

Most MySQL you can just see the info on PHP.net and run with it. For some tricky stuff you will need to look at their manual and play with the PHP code to get it to work.

PHP.net MySQL functions
http://us2.php.net/manual/en/ref.mysql.php


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
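The Referer header is sent by the client, and browsers, proxies and privacy extensions often drop or trim it, so a referer check alone turns away honest visitors while anyone can set the header to whatever they like. Here is an added example (not code from the post or from PHP.net) that instead ties the form to the visitor's session with a one-time random token; it assumes PHP 7+ (random_bytes, hash_equals) and a hidden form field named form_token, and all function names are made up for the example.

```php
<?php
// Added example, not the original post's code: bind a form to the visitor's
// session with a one-time random token instead of trusting HTTP_REFERER.
// Assumes PHP 7+ and a hidden field named form_token (names are assumptions).
session_start();

// Call while rendering the form and put the returned value in a hidden input:
//   <input type="hidden" name="form_token" value="...output of form_token_create()...">
function form_token_create()
{
    $token = bin2hex(random_bytes(32));  // 256 bits from the OS CSPRNG, hex so it is HTML-safe
    $_SESSION['form_token'] = $token;    // stored server-side only
    return $token;
}

// Call at the top of the handler that processes the POST. The stored token is
// cleared whether or not it matched, so each token is good for one submission.
function form_token_check()
{
    $expected  = isset($_SESSION['form_token']) ? $_SESSION['form_token'] : '';
    $submitted = isset($_POST['form_token']) ? (string) $_POST['form_token'] : '';
    unset($_SESSION['form_token']);

    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        return false;                    // the form is never accepted through a GET URL
    }
    // hash_equals compares in constant time, so response timing does not leak the token
    return $expected !== '' && hash_equals($expected, $submitted);
}

// In the handler:
//   if (!form_token_check()) {
//       http_response_code(403);
//       die('You submitted this form from an invalid page.');
//   }
//   // only now read the other $_POST fields, and still validate each one
```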
Joined: Dec 2002
Posts: 3,255
Likes: 3
UGN Elite
As of PHP 5, no longer use mysql_blah; now use the mysqli_blah functions. See URL:

http://us3.php.net/manual/en/ref.mysqli.php

Using these functions is much more secure than mysql, and they benchmark better for more in-depth queries. But a major reason to use them is you can do more OOP (object oriented programming), and you can release the arrays formed from memory at the end of the function.

Check this out on ZEND.
http://www.zend.com/php5/articles/php5-mysqli.php

You will notice there is no more mysql_select_db(); the db is in the mysqli_connect() function. This it seems was a security hole. If you did not specify a db it would open a connection to a default. BAD times.


Now I also learned a nifty little trick. We all know not to accept data from a user as being clean. We have to check it. So you probably use

$my_var = $_POST['my_var']; // for post methods
$my_var = $_GET['my_var']; // for get methods

But just because we know where it came from, does that make it safe? We could use strip_tags() or htmlentities().

But check this out. At the top of your code verify all variables you know are coming in and try to make as many as possible integers.

$my_var = (int)$_GET['my_var']; // 100% safe variable

Now even if the user takes the URL and changes it, my script will convert anything it gets to an integer. So if the attacker took

http://bougus_site.com?myfunction=process&my_var=2134

and changed it to

http://bougus_site.com?my...=phpinfo()

My script would convert this to an integer, making $my_var = 0;

So if you build your scripts so they all use integers and set it up so no integer should ever be "0", then you could detect when and who is messing with the URLs easily using sessions and some predefined variables.
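The cast does turn phpinfo() into 0 as described, but it also turns "42abc" into 42 and "  7" into 7, so a tampered value can still slip through as a plausible number. Here is an added example (not the post's code) that only accepts a plain digit string inside a range and logs anything else with the session id and client address, as the post suggests; the function and parameter names are assumptions.

```php
<?php
// Added example, not the original post's code. Accepts only a plain digit string
// within a range and records everything else, so a tampered parameter is caught
// rather than silently cast. Function and parameter names are assumptions.

// Returns the integer, or null when the value is missing, malformed or out of
// range. null is unambiguous, unlike the 0 the bare (int) cast produces.
function read_int_param(array $source, $name, $min = 1, $max = PHP_INT_MAX)
{
    if (!isset($source[$name]) || !is_string($source[$name])) {
        return null;                       // absent, or an array from my_var[]=...
    }
    $raw = $source[$name];
    // ctype_digit rejects signs, spaces, exponents, hex and trailing junk;
    // 18 digits keeps the value below PHP_INT_MAX on 64-bit builds
    if ($raw === '' || !ctype_digit($raw) || strlen($raw) > 18) {
        log_tampering($name, $raw);
        return null;
    }
    $value = (int) $raw;
    if ($value < $min || $value > $max) {
        log_tampering($name, $raw);
        return null;
    }
    return $value;
}

// Record who is messing with the URL: session id, client address and the raw
// value, sent to the PHP error log and never echoed back to the visitor.
function log_tampering($name, $raw)
{
    $sid  = session_id() !== '' ? session_id() : 'no-session';
    $addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown';
    $raw  = substr(str_replace(array("\r", "\n"), ' ', $raw), 0, 64); // keep the log line intact
    error_log(sprintf('tampered param %s=%s sid=%s ip=%s', $name, $raw, $sid, $addr));
}

// Constructed inputs matching the post's URLs (real code would pass $_GET):
$good     = read_int_param(array('my_var' => '2134'), 'my_var');      // accepted
$tampered = read_int_param(array('my_var' => 'phpinfo()'), 'my_var'); // rejected and logged
$sneaky   = read_int_param(array('my_var' => '42abc'), 'my_var');     // rejected, where (int) alone gives 42
```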

Joined: Jun 2003
Posts: 807
Likes: 2
UGN Super Poster
Speaking of MySQL, here is a segment of code that I find extremely useful and efficient for what it does (forgive the PHP 4)

PHP Code

$Query = 'SELECT * FROM table WHERE 1=1';
$mysql_Query = mysql_query($Query);

$mysql_array = array(); // start empty so the loop appends to a defined array
$i = 0;
while ($Query_data = mysql_fetch_assoc($mysql_Query)) {
    $mysql_array[$i] = $Query_data;
    $i++;
}


Gets all the rows for a query as opposed to just one, as is done with mysql_fetch_assoc. I find it extremely awesome.

Last edited by Gizmo; 01/03/07 06:14 PM.
Joined: Dec 2002
Posts: 3,255
Likes: 3
UGN Elite
Quote:
Originally posted by Ghost:
Speaking of MySQL, here is a segment of code that I find extremely useful and efficient for what it does (forgive the PHP 4)

PHP Code

$Query = 'SELECT * FROM table WHERE 1=1';
$mysql_Query = mysql_query($Query);

$i = 0;
while ($Query_data = mysql_fetch_assoc($mysql_Query)) {
    $mysql_array[$i] = $Query_data;
    $i++;
}

Gets all the rows for a query as opposed to just one, as is done with mysql_fetch_assoc. I find it extremely awesome.
There aren't major differences... Here is an example of 5 and 4 to see some differences. Basically you can save a few lines of code in 5. It is a bit more secure in 5.


Let's say you are processing a login from a web form.

PHP Code

//////////////////////////////
// PHP 5 OOP way
//////////////////////////////

$mysqli = new mysqli("localhost", "username", "password", "database"); // php 5 connect makes you specify the db in the connect statement
//this makes for better security
if ($mysqli->connect_error) {
    die("I am sorry we can not process your request at this time"); // graceful failure if the connect fails
}

// escape the user-supplied values so quotes in them cannot alter the query
$login = $mysqli->real_escape_string($login);
$cpass = $mysqli->real_escape_string($cpass);

$dg = "SELECT * FROM members WHERE "
    ."member = '$login' "
    ."AND psswd = '$cpass'"; // the ."AND can go on and on and on

$my_array = array();
$my_array_count = 0;
if ($result = $mysqli->query($dg)) { // only do the following if the query worked

    while ($result2 = $result->fetch_array(MYSQLI_ASSOC)) { // OOP way of mysql_fetch_array
        $my_array[] = $result2; // [] appends each row (keyed by column name because of MYSQLI_ASSOC)
    }
    $result->close(); // release memory used in query and while loop
    $mysqli->close(); // close db connection
    $my_array_count = count($my_array); // get a count of all in the array

    // count($value, COUNT_RECURSIVE); counts the values in a multi dimensional array

} else {
    echo "I am sorry we can not process your request at this time"; // graceful failure
    // set mail(); function here to notify admin of errors
}
for ($i = 0; $i < $my_array_count; $i++) { // why we counted the array (indexes run 0 .. count-1)

    // do stuff with data

}
Now we look at php 4

PHP Code

//////////////////////////////
// PHP 4 Procedural style
//////////////////////////////

$dbc = mysql_connect("localhost", "username", "password"); // php 4 connect can open a connection to a default db, this is bad
$dbs = mysql_select_db('mt_database', $dbc); // use the mysql_connect values and a database name to auth a database
//this makes for better security

// escape the user-supplied values so quotes in them cannot alter the query
$login = mysql_real_escape_string($login, $dbc);
$cpass = mysql_real_escape_string($cpass, $dbc);

$dg = "SELECT * FROM members WHERE "
    ."member = '$login' "
    ."AND psswd = '$cpass'"; // nothing changes here
$result = mysql_query($dg); // Now we have to do a second function to check
$my_array = array();
$my_array_count = 0;
if ($result) {
    while ($result2 = mysql_fetch_array($result)) { // Procedural style of mysql_fetch_array
        $my_array[] = $result2; // [] appends each row (with both numeric and named keys)
    }
    $my_array_count = count($my_array); // get a count of all in the array
    // count($value, COUNT_RECURSIVE); counts the values in a multi dimensional array
} else {
    echo "I am sorry we can not process your request at this time"; // graceful failure
    // set mail(); function here to notify admin of errors
}
for ($i = 0; $i < $my_array_count; $i++) { // why we counted the array (indexes run 0 .. count-1)
    // do stuff with data
}

Last edited by §intå×; 06/02/08 03:03 AM.
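Both versions above build the SQL text out of $login and $cpass, so the query is only as safe as the escaping. Here is an added example (not the post's code) of the same member lookup with a mysqli prepared statement, where the two values are bound parameters and never become part of the statement text; it assumes the post's members table (columns member and psswd, with psswd compared as stored, as in the post) and form fields named login and cpass.

```php
<?php
// Added example, not the original post's code: the same login lookup with a
// mysqli prepared statement. $login and $cpass travel as bound parameters, so
// whatever they contain cannot change the SQL. Table, column and field names
// follow the post; the function name is an assumption.
function find_member(mysqli $mysqli, $login, $cpass)
{
    // '?' placeholders: the statement is compiled before any user value is seen
    $stmt = $mysqli->prepare('SELECT member FROM members WHERE member = ? AND psswd = ? LIMIT 1');
    if ($stmt === false) {
        error_log('prepare failed: ' . $mysqli->error); // notify admin, not the visitor
        return null;
    }
    $stmt->bind_param('ss', $login, $cpass); // 'ss': both values typed as strings
    if (!$stmt->execute()) {
        error_log('execute failed: ' . $stmt->error);
        $stmt->close();
        return null;
    }
    $stmt->bind_result($member);
    $found = $stmt->fetch();                 // true for a row, null when none matched
    $stmt->close();
    return $found ? $member : null;
}

$mysqli = new mysqli('localhost', 'username', 'password', 'database');
if ($mysqli->connect_error) {
    die('I am sorry we can not process your request at this time'); // graceful failure
}
$login = isset($_POST['login']) ? (string) $_POST['login'] : '';
$cpass = isset($_POST['cpass']) ? (string) $_POST['cpass'] : '';

$member = find_member($mysqli, $login, $cpass);
$mysqli->close();
if ($member === null) {
    die('Login failed');                     // same message whether the name or the password was wrong
}
session_start();
session_regenerate_id(true);                 // fresh session id once logged in
$_SESSION['member'] = $member;
```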
Joined: Dec 2002
Posts: 3,255
Likes: 3
UGN Elite
When working with classes I have found the __autoload() function very nice. It saves you from having a ton of require_once() statements.

If you name your classes using the naming convention of the PEAR project you could do this.

PHP Code

function __autoload($classname){
    $path = str_replace('_', DIRECTORY_SEPARATOR, $classname); // one '_' becomes one directory level
    $path = $_SERVER['DOCUMENT_ROOT']."/$path.php"; // quote the key; a bare DOCUMENT_ROOT is an undefined constant
    require_once($path);
}


The naming convention is one '_' for every '/' in the directory path to get to your file.

So /home/docs/public_html/project/classes/myclass.php could be
PHP Code

class classes_myclass{
    /*
    class code here
    */
}


$_SERVER['DOCUMENT_ROOT'] should fill in /home/docs/public_html/project. What __autoload does is, if an attempt to call the class fails, it will hit the function I gave and try one last time to open and use the file needed. This allows you to only call files as needed. You can then add a bit more abstraction to your classes.

I have yet to get this to work within a class though or work with a class method that creates a new object.

Last edited by Gizmo; 01/03/07 06:12 PM.
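The same PEAR-style mapping, as an added example (not the post's code), registered through spl_autoload_register, which is what __autoload turned into: several loaders can be stacked, and __autoload itself was removed in PHP 8. The loader checks the class name and confirms the resolved file sits under the document root before requiring it, so a malformed name can never reach the filesystem; the function name and the example paths are assumptions.

```php
<?php
// Added example, not the original post's code: PEAR-style autoloader ('_' in the
// class name becomes one directory level) registered with spl_autoload_register.
// The class name is validated and the resolved path is checked against the
// document root before anything is required. Names and paths are assumptions.
function ugn_autoload($classname)
{
    // letters, digits and underscores only, starting with a letter; namespaced
    // names (containing '\') are left for another loader
    if (!preg_match('/^[A-Za-z][A-Za-z0-9_]*$/', $classname)) {
        return;                          // a registered loader simply returns to let the next one try
    }
    $root = isset($_SERVER['DOCUMENT_ROOT']) ? realpath($_SERVER['DOCUMENT_ROOT']) : false;
    if ($root === false) {
        return;                          // no document root (e.g. CLI): nothing to map against
    }
    $path = $root . DIRECTORY_SEPARATOR
          . str_replace('_', DIRECTORY_SEPARATOR, $classname) . '.php';
    $real = realpath($path);
    // the file must exist and must resolve to a location inside the document root
    if ($real === false || strpos($real, $root . DIRECTORY_SEPARATOR) !== 0) {
        return;
    }
    require_once $real;
}
spl_autoload_register('ugn_autoload');

// With DOCUMENT_ROOT = /home/docs/public_html/project, the first use of
// classes_myclass loads /home/docs/public_html/project/classes/myclass.php:
//   $obj = new classes_myclass();
```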
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
BTW, if you're going to post PHP code, use the [php] tags vs the [code] tags; it'll use the PHP syntax highlighter.


Joined: Jan 2007
Posts: 1
UGN Newbie
That's so good!!!! he he

Joined: Sep 2005
Posts: 102
UGN Member
I still use the listed resources from this post! Thanks again!

Joined: Dec 2002
Posts: 3,255
Likes: 3
UGN Elite
Originally Posted by Testing
I still use the listed resources from this post! Thanks again!


Keep coming back too. I learned most of what I know on this site. Gizmo is the man.

Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Originally Posted by §intå×
Keep coming back too. I learned most of what I know on this site. Gizmo is the man.
An anal retentive man who made you cry and reanalyze every bit of code you've ever made... lol


