PHP security (1)

zhaozj2021-02-16  56

Original: John Coggeshall 07/31/2003

Translation: Easy

In my recent columns ("Common Style Mistakes (Part 1)" and "Common Style Mistakes (Part 2)") I discussed some common habits that make PHP programs hard to read and that easily lead to bugs.

In today's article I turn to the focus of this series: the importance of security when working with PHP.

Focus on security issues

Far-not all

The most effective way to prevent users from abusing your program is to consider that possibility while you write the code, and the easiest way to leave yourself open is to neglect it. It is important to look for possible security problems in your own code. Consider the following example function, designed to simplify writing a large number of text files from PHP:

This function takes two parameters: the file name and the text to write. It checks whether the file has already been opened; if so, the existing file handle is reused, otherwise the file is opened by the function itself. In both cases the text is written to the file. If the file name passed to the function is null, all open files are closed. An example follows.

If a developer writes code in the following form to write several text files, this function keeps the code clear and easy to read.
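Neither the function listing nor the usage example survived on this page. What follows is an added reconstruction, written here from the description above and not the article's original code: the name write_text() is taken from the calling code later on the page, and the handle bookkeeping and the sample file names under /tmp are assumptions.

```php
<?php
// write_text.php -- added reconstruction from the article's description,
// not its original listing. Only the name write_text() comes from the page;
// the static handle table and the sample paths below are assumptions.

function write_text($filename, $text = '')
{
    // Handles stay open between calls, so a file that is written many
    // times is only opened once.
    static $handles = array();

    // A null file name means "close every open file and finish".
    if ($filename === null) {
        foreach ($handles as $handle) {
            fclose($handle);
        }
        $handles = array();
        return true;
    }

    // Reuse the existing handle, or open the file for appending.
    if (!isset($handles[$filename])) {
        $handle = @fopen($filename, 'a');
        if ($handle === false) {
            return false;              // could not open: report failure
        }
        $handles[$filename] = $handle;
    }

    return fwrite($handles[$filename], $text) !== false;
}

// --- caller (in practice a separate script that includes write_text.php) ---
// Several files written repeatedly, then a single null call closes them all.
write_text('/tmp/funny.txt',   "A funny quote\n");
write_text('/tmp/serious.txt', "A serious quote\n");
write_text('/tmp/famous.txt',  "A famous quote\n");
write_text('/tmp/funny.txt',   "Another funny quote\n");
write_text(null);
```

Note that the function writes to whatever path it is handed; it performs no check of its own on the file name, which is exactly why the calling code in quotes.php below matters.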

Let us assume that this function lives in a separate file which is included by the code that calls it. Next is a program, which we will call quotes.php:

Choose the nature of the quote:

<?php
include_once('write_text.php');
$filename = "/home/web/quotes/{$_GET['quote']}";
$quote_msg = $_GET['quote_text'];
if (write_text($filename, $quote_msg)) {
    echo "Quote saved!";
} else {
    echo "Error writing quote";
}
write_text(NULL);
?>

As you can see, this developer uses the write_text() function to build a system in which users can submit their favorite quotes, which are then stored in a text file. Unfortunately, the developer may not have realised that this program also lets a malicious user compromise the security of the web server. Perhaps you are now wondering how such a simple and innocent-looking program introduces a security risk. If you cannot see it, consider the following URL, remembering that the program is called quotes.php:

http://www.somewhere.com/fun/quotes.php?quote=different_file.dat&quote_text=GARBAGE DATA

What happens when this URL is sent to the web server?

Obviously quotes.php is executed, but instead of writing one of the three files we intended, a new file called different_file.dat is created, containing the string "GARBAGE DATA".

Obviously this is not the behavior we want. A malicious user could specify ../../../etc/passwd as the quote in order to create an account (although this requires the web server to run as the superuser; if that is the case, you should stop reading and fix it immediately). If /home/web/quotes/ can be reached through the browser, the most serious security problem with this program is that it lets any user write and then run an arbitrary PHP program. That would bring endless trouble. There are several solutions. If you only need to write a few files under the directory, consider using an associative array to hold the permitted file names: if the name entered by the user exists in that array, it can be written safely. Another idea is to strip every character that is not a letter or digit, which guarantees that no directory separator remains. A third approach is to check the file's extension to make sure the file will never be executed by the web server.
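The three countermeasures just listed, applied to the quote parameter of quotes.php, as an added example that is not part of the original article. The allow-list keys, the .txt file names, the function names and the /home/web/quotes directory are assumptions chosen for illustration; the sample requests are constructed and include the two cases discussed above.

```php
<?php
// Added example: hardened handling of the user-supplied file name from
// quotes.php. Not the article's code; the allow-list entries, function
// names and paths below are assumptions chosen for illustration.

// Countermeasure 1: an associative array of the only files the script may
// write. The key is what the user may send, the value the real file name.
$ALLOWED_QUOTES = array(
    'funny'   => 'funny.txt',
    'serious' => 'serious.txt',
    'famous'  => 'famous.txt',
);

// Countermeasure 2: keep letters and digits only, so neither '/' nor '..'
// can survive and the resulting path can never leave the quotes directory.
function sanitize_quote_name($name)
{
    return preg_replace('/[^A-Za-z0-9]/', '', (string) $name);
}

// Countermeasure 3: accept only an extension the web server never executes
// (plain .txt here), so a written file cannot later run as PHP.
function has_safe_extension($filename)
{
    return (bool) preg_match('/\.txt$/', $filename);
}

// Returns the absolute path to write, or null when the request is rejected.
function quote_file_path($quote_param, array $allowed, $base_dir)
{
    $key = sanitize_quote_name($quote_param);
    if (!isset($allowed[$key])) {
        return null;                       // not on the allow-list
    }
    $filename = $allowed[$key];
    if (!has_safe_extension($filename)) {
        return null;                       // defence in depth: bad extension
    }
    return rtrim($base_dir, '/') . '/' . $filename;
}

// In quotes.php the path would then replace the raw interpolation:
//   $path = quote_file_path($_GET['quote'], $ALLOWED_QUOTES, $base_dir);
//   if ($path !== null) { write_text($path, $_GET['quote_text']); }

// Constructed sample requests, including the two cases from the article.
$base_dir = '/home/web/quotes';            // assumed location, as on the page
$samples = array(
    'funny',
    'different_file.dat',
    '../../../etc/passwd',
    'funny.php',
);
foreach ($samples as $quote) {
    $path = quote_file_path($quote, $ALLOWED_QUOTES, $base_dir);
    printf("%-22s -> %s\n", $quote, $path === null ? 'rejected' : $path);
}
```

Only the first sample yields a path; the other three are rejected before any file is touched. The allow-list alone would already be sufficient here, and the other two checks are kept so that the file name stays safe even if someone later relaxes the list. The quote text itself is still written unchecked; if the quotes directory is reachable from the browser, that content should be validated too, or better, the directory moved outside the document root.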

The principle is simple: as a developer you must think about more than what you expect to happen when the program runs. What happens if illegal data arrives in a form element? Can a malicious user make your program behave in an unintended way? What can prevent these attacks? Your web server and your PHP programs are only as secure as their weakest link, so it is important to identify the links that may be insecure.

Common mistakes involving security

Here is a brief list of coding and administration mistakes that may endanger security.

Mistake 1. Trusting data

This is the point that comes up most in my discussion of PHP programming: you can never trust external data. Whether it comes from a user-submitted form, a file on the file system or an environment variable, no data can simply be accepted as is. User input must be validated and formatted to ensure security.

Mistake 2. Storing sensitive data in a web directory

Any and all sensitive data should be stored in a file separate from the program that needs it, and saved in a directory that cannot be reached through the browser. When the sensitive data is needed, pull it into the appropriate PHP script with an include or require statement.

Mistake 3. Ignoring the recommended security measures

The PHP manual contains a complete chapter on security precautions for installing PHP and writing PHP programs. The manual also (almost) always states clearly where potential security risks lie and how to reduce them to a minimum. Likewise, malicious users count on developers and administrators who do not read security advisories carefully in order to gain access to the system. Pay attention to these warnings and take appropriate measures to reduce the chance of a malicious user compromising your system.

Please cite the original address when reposting: https://www.9cbs.com/read-25650.html
