php-general Digest 6 Sep 2011 21:47:39 -0000 Issue 7469
Topics (messages 314718 through 314719):

Learn how to have a smooth skin
        314718 by: Learn how to have a smooth skin

REQUEST and COOKIE
        314719 by: ALEJANDRO ZAPIOLA

Administrivia:

To subscribe to the digest, e-mail:
        php-general-digest-subscr...@lists.php.net

To unsubscribe from the digest, e-mail:
        php-general-digest-unsubscr...@lists.php.net

To post to the list, e-mail:
        php-gene...@lists.php.net
[PHP] REQUEST and COOKIE
Seeing that $_REQUEST[] is an array that holds the contents of $_GET, $_POST and $_COOKIE, I think this can be used maliciously in the script, i.e.:

request1.php:

<?php
// Set the cookie 'name', then send the browser on to request2.php
setcookie("name", "alejandro");
echo "<script>location.href='request2.php'</script>";
?>

In this case, I'm setting the variable 'name' with value 'Alejandro', then redirecting to request2.php.

request2.php:

<?php
print_r($_COOKIE);
echo "<br>";
print_r($_REQUEST);
echo "<br>";
// 'name' may have arrived via GET, POST or the cookie; all three end up in $_REQUEST
if (@$_REQUEST['name'] == "admin") {
    echo "I am admin";
} else {
    echo "You can not see this page";
}
?>

Here's the problem. The variable called 'name' is in the REQUEST context, and this is accessible by the GET and POST methods, and it is accessible via the COOKIE array as well. In this case, using $_REQUEST is unsafe, because I can change the variable called 'name' via the GET method and it gives me access as admin.

My question is: I do not see the good practice in putting COOKIE values into REQUEST; what I mean is that it can turn into a programming bug. Also, I could not find answers anywhere else. Thoughts? Thanks!
Re: [PHP] REQUEST and COOKIE
On 09/06/2011 05:47 PM, ALEJANDRO ZAPIOLA wrote:
> Seeing that $_REQUEST[] is an array that holds the contents of $_GET, $_POST and $_COOKIE, I think this can be used maliciously in the script.
> [...]
> In this case, using $_REQUEST is unsafe, because I can change the variable called 'name' via the GET method and it gives me access as admin.
>
> My question is: I do not see the good practice in putting COOKIE values into REQUEST; what I mean is that it can turn into a programming bug. Also, I could not find answers anywhere else. Thoughts? Thanks!

Why would you use this method for authentication or validation?

By default, $_REQUEST is populated with the $_GET, $_POST and $_COOKIE contents, which could potentially be modified by the remote user, which in turn makes the data not trustworthy. Never trust input data, ever; it must be sanitized, scrubbed, etc. before even considering it trustworthy, in my opinion.

As for your question, it makes complete sense to populate $_REQUEST with the $_GET, $_POST and $_COOKIE contents by default, because all three fall in the REQUEST category of the HTTP protocol. Since the cookie was sent by the server, the COOKIE header is going to be evident in the REQUEST headers. Therefore, the only way a bug is going to be introduced and security breached is by the author of the code ;)

http://us.php.net/manual/en/reserved.variables.request.php

The PHP team even makes mention that the contents of $_REQUEST cannot be trusted.
James
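As an added illustration for the two messages above (this is not code from Alejandro's or James's posts), the script below mimics how PHP fills $_REQUEST from $_GET, $_POST and $_COOKIE according to request_order (falling back to variables_order when request_order is empty, as the php.ini documentation describes), runs the post's check against constructed request data, and puts a hardened check next to it. It assumes PHP 7 or later; the in-memory $sessions array is a stand-in for real session storage and the request data is constructed for the demo.

```php
<?php
// Added example, not from the original thread. Assumes PHP 7+.
declare(strict_types=1);

/**
 * Mimic how PHP builds $_REQUEST: the sources named by $order (request_order,
 * or variables_order when request_order is empty) are merged left to right,
 * later sources overwriting earlier keys. Only G, P and C contribute to
 * $_REQUEST, so other letters (E, S) are ignored here.
 */
function build_request(array $get, array $post, array $cookie, string $order = 'GP'): array
{
    $sources = ['G' => $get, 'P' => $post, 'C' => $cookie];
    $request = [];
    foreach (str_split(strtoupper($order)) as $letter) {
        if (isset($sources[$letter])) {
            $request = array_merge($request, $sources[$letter]);
        }
    }
    return $request;
}

/** The check from the original post: trusts whatever landed in $_REQUEST. */
function is_admin_vulnerable(array $request): bool
{
    return ($request['name'] ?? '') == 'admin';
}

/**
 * Hardened check: the cookie carries only an opaque session id, and the role
 * is looked up server-side, so no client-supplied value is ever compared to
 * "admin". $sessions stands in for $_SESSION / file / DB session storage.
 */
function is_admin_hardened(array $cookie, array $sessions): bool
{
    $sid = $cookie['PHPSESSID'] ?? null;
    if (!is_string($sid) || !isset($sessions[$sid])) {
        return false;
    }
    return ($sessions[$sid]['role'] ?? '') === 'admin';
}

// Constructed request: the legitimate cookie says "alejandro", but the
// visitor has appended ?name=admin to the URL.
$get    = ['name' => 'admin'];
$post   = [];
$cookie = ['name' => 'alejandro', 'PHPSESSID' => 'abc123'];

// Constructed server-side session table: abc123 belongs to a normal user.
$sessions = ['abc123' => ['user' => 'alejandro', 'role' => 'user']];

$reqGP    = build_request($get, $post, $cookie, 'GP');    // php.ini-production default
$reqEGPCS = build_request($get, $post, $cookie, 'EGPCS'); // request_order empty -> variables_order

printf("request_order=GP    -> name=%s, admin? %s\n",
    $reqGP['name'], var_export(is_admin_vulnerable($reqGP), true));
printf("request_order=EGPCS -> name=%s, admin? %s\n",
    $reqEGPCS['name'], var_export(is_admin_vulnerable($reqEGPCS), true));
printf("hardened check      -> admin? %s\n",
    var_export(is_admin_hardened($cookie, $sessions), true));
```

Run it with `php request_demo.php`. With request_order = "GP" the query-string value wins and the vulnerable check reports admin; with request_order empty PHP falls back to variables_order = "EGPCS", the cookie overrides GET and the check happens to fail, but that is luck rather than security, since the cookie is just as client-controlled as the query string (an attacker simply sets name=admin in their own cookie jar). The precedence order only decides which untrusted source wins. The hardened check sidesteps the whole question: the cookie identifies a server-side session, and the role stored there decides access.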
[PHP] dev to production server
Does anyone have a procedure or know of any tutorials that explain how to take a Mac/Apache/PHP/MySQL dev environment and convert it to a production environment? Basically I want to host my own web site on my local machine now that I have finished developing it. Thanks in advance!

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php