On Friday 21 December 2001 02:39, you wrote: I believe (not sure so please clarify) that if your code was if ($pwd == "goodpwd") $lethimin = 1; else $lethimin = 0;
the code would be secure. only setting the variable when the pass is correct would be too easy to crack right? since I'd call the page like page.php?lethimin=bla now it's a string with text which evals TRUE which is a major security breach correct? kind regards & happy holidays > Hi everybody! > > Two things I consider urban myths about PHP (plus MySQL) - please let me > know what you think of these: > > 1. The evil global variables > > Ok, the classic > <? > if ($pwd=="GOODPASSWORD") > { > $lethimin=1; > } > [bullshit code] > if ($lethimin) > { > echo(fread(fopen("/etc/passwd","r"))); > } > ?> > is obviously valid. But let's be serious, who codes this? The example > code is valid and it's easily crackable indeed, but you don't do that > kind of thing - you do it in one step. Even if you really need the > bullshit code in there for some obscure reason, this is the log in code > damnit, anybody takes care of that! > > Why I raised this issue is because I think people tend to get paranoid > about PHP. And that happens in both worlds - customers and developers. > Nothing to say about customers, I'd be careful too if I heard some dude > got intoxicated at a McDonald's in Bogota. My problem is with developers > - they got it in their head that variables are your enemy and initialize > everything nowadays - including local variables! > > My question to you guys is this: does anybody know of a real example of > reasonably careful coding led to disaster with global variables? > > 2. Please enter your age: 25; drop database mysql > > Does this actually work? > > I've read at least a dozen articles telling people to get it in their > blood not to trust users and addslashes to any king incoming data, as > well as pass it as strings to mysql ("insert into person set age='$age'" > instead of "insert into person set age =$age). > > So I decided I had to test this: I wrote the code exactly as in the > example; I provided the exact dangerous input (well, to be honest, I > tried a select instead of drop mysql). When I tried it, the presumably > dangerous situation degraded into a trivial MySQL error. It went > something like "You have an error near '; select 1+1'". > > Did you ever actually try this? Does it work on your system? > > Thanks in advance for the input! > > Bogdan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]