In your second figure, I just noticed this in your conditions:
if(empty($_POST["name"]))
Just a suggestion: maybe use PHP's built-in functions to make the system secure. For now that's probably okay since it's still basic.
Try this below:
1. Problem with empty value
<?php
$_POST["name"] = " "; // only spaces, no actual characters
if (!empty($_POST["name"])) // check if empty
{
    echo "Your name is =" . $_POST["name"]; // echo the value
}
else
{
    echo 'Your name is ="empty"'; // echo the value
}
?>
OUTPUT: Your name is
So a space is a valid value.
-> correct
a) if(!empty(trim($_POST["name"]))) // trim spaces before checking if empty. Note: spaces between letters are not trimmed, e.g. trim("he llo") = he llo
b) $name = trim($_POST["name"]); // trim spaces before checking if empty: trim(" hello") = hello, trim(" hello ") = hello, trim(" h e l l o") = h e l l o
if(!empty($name)){}
FIX: use the trim() function
ltrim() = trim spaces/empty value on left
rtrim() = trim spaces/empty value on right
trim() = trim spaces/empty value both sides
2) HTML tags can be inserted (XSS attack)
$_POST['"><script>document.write(document.cookie());</script>'];
so "><script>document.write(document.cookie());</script> is valid input
you can add htmlspecialchars()
htmlspecialchars($_POST['"><script>document.write(document.cookie());</script>'])
OUTPUT : "><script>document.write(document.cookie());</script>
3) SQL injection
dangerous when executed
$_POST['' or 1=1; --'];
$_POST['' or 1=1 drop table_users; --']; ' or 1=1 drop table_users; --
$_POST['' or 1=1 drop database ; --'];
str_replace('"', "", $string);
str_replace("'", "", $string);
Otherwise, go for some regex, this will work for html quotes for example:
preg_replace("/<!--.*?-->/", "", $string);
C-style quotes:
preg_replace("/\/\/.*?\n/", "\n", $string);
CSS-style quotes:
preg_replace("/\/\*.*?\*\//", "", $string);
bash-style quotes:
preg_replace("/#.*?\n/", "\n", $string);
echo $_POST['lastname']; // O\'hack
echo addslashes($_POST['lastname']); // O\\\'hack
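// get_magic_quotes_gpc() was removed in PHP 8.0
if (get_magic_quotes_gpc()) {
    $lastname = stripslashes($_POST['lastname']);
}
else {
    $lastname = $_POST['lastname'];
}
// the mysql_* functions were removed in PHP 7.0
$user = mysql_real_escape_string($user);
$password = mysql_real_escape_string($password);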
There are many more....
-> you can test online here
https://eval.in/877730
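
The three checks from the post combined into one script, as an added example that is not the original poster's code: it swaps the quote-stripping and mysql_real_escape_string() approach for a PDO prepared statement. It assumes PHP 7.1+ with the pdo_sqlite extension; the users table and the helper names clean_name(), h() and find_users() are made up for the illustration.

```php
<?php
// Added example (not the original poster's code). Needs the pdo_sqlite extension.

// 1) Input check: trim first, then compare with ''. empty("0") is true,
//    so empty() alone would also reject a legitimate value of "0".
function clean_name($raw): ?string
{
    if (!is_string($raw)) {
        return null;                 // e.g. name[]=x arrives as an array
    }
    $name = trim($raw);
    return ($name === '' || strlen($name) > 100) ? null : $name;
}

// 2) Output escaping: encode at the point where the value is echoed into HTML.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// 3) SQL: the value travels as a bound parameter and is never parsed as SQL.
function find_users(PDO $db, string $name): array
{
    $stmt = $db->prepare('SELECT id, name FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed in-memory database (hypothetical schema and rows).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (name) VALUES ('alice'), ('O''hack')");

// Constructed inputs, reusing the values shown in the post above.
$inputs = [' ', "O'hack", "' or 1=1; --",
           '"><script>document.write(document.cookie());</script>'];
foreach ($inputs as $raw) {
    $name = clean_name($raw);
    if ($name === null) {
        echo "rejected: empty after trim\n";
        continue;
    }
    $rows = find_users($db, $name);
    echo h($name), ' => ', count($rows), " row(s)\n";
}
```

Only the whitespace-only input is rejected; the quote and script inputs are accepted as data, matched literally by the query, and printed in escaped form.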