PHP - Help To Stop Hackers!
Hi,
Just received this email from a random person saying they were able to obtain the username and password for the site admin page from the MySql Database: [07:33:33] [INFO] testing if GET parameter 'id' is dynamic [07:33:34] [INFO] confirming that GET parameter 'id' is dynamic [07:33:35] [INFO] GET parameter 'id' is dynamic [07:33:35] [INFO] testing sql injection on GET parameter 'id' with 0 parenthesis [07:33:35] [INFO] testing unescaped numeric injection on GET parameter 'id' [07:33:37] [INFO] confirming unescaped numeric injection on GET parameter 'id' [07:33:37] [INFO] GET parameter 'id' is unescaped numeric injectable with 0 parenthesis [07:33:37] [INFO] testing for parenthesis on injectable parameter [07:33:40] [INFO] the injectable parameter requires 0 parenthesis [07:33:40] [INFO] testing MySQL [07:33:41] [INFO] confirming MySQL [07:33:41] [INFO] query: SELECT 0 FROM information_schema.TABLES LIMIT 0, 1 [07:33:41] [INFO] retrieved: 0 [07:33:51] [INFO] performed 13 queries in 9 seconds [07:33:51] [INFO] the back-end DBMS is MySQL web server operating system: Linux Red Hat web application technology: PHP 5.2.11, Apache 2.2.3 back-end DBMS: MySQL >= 5.0.0 +-------+------------------------ +----------- +---------- +---------------------------------- +--------+--------------- + | admin | email | firstname | lastname | password | userid | username | +-------+------------------------ +----------- +---------- +---------------------------------- +--------+--------------- + | 1 | blah | blah | blah | blah | 1 | blah | +-------+------------------------ +----------- +---------- +---------------------------------- +--------+--------------- + blah MD5 : blah -- I've changed all the details to 'blah' for the purpose of this post. Does anyone know how I can secure my PHP to stock this injection? Thanks, Jack Similar TutorialsCode: [Select] if ($ibforums->input['display1'] == "1"){ // }else{ $std->Error2("You're being Nawty!"); } Ok, this works fine. If they submit anything other then "1" for that input it shows "you're being nawty" but I want it to beable to be anything besides 1 or 0 so I added Code: [Select] if ($ibforums->input['display1'] == "0" OR "1"){ // }else{ $std->Error2("You're being Nawty!"); } and it still let's me submit anything...... i only want my $ibforums->input['display1'] to accept 1 or 0 as a input!!!! I don't want any hackers submitting other input values for this field! any help?! Good day friends, please i am still an upcoming developer please could you help me check if this contact form code is secured from hackers. Thanks
<?php I have a system setup to pull a while() query out of a file. As follows: // In another file that is included into the one I'm running. $support_1_start = './includes/modules/while/support.1.open.php'; $support_1_stop = './includes/modules/while/support.1.close.php'; // The actual file. include($support_1_start); // This starts the mysql while() query. ?> // Data should be displayed here... <?php include($support_2_stop); // This ends the mysql while() query. The only problem is that I'm getting the following error: Code: [Select] Parse error: syntax error, unexpected $end in /home/nuke/public_html/includes/modules/while/support.1.open.php on line 16 I assume its because I included the while() function, but didn't close it in that file, but instead another file. Maybe you know how to fix this? If you want my complete source code in order of what is ran: http://www.nuclear.apnx.us/source.txt I'm tired and want to sleep so my mistakes are getting lots now. Anybody awake that can explain my problem with the code below. <? function directoryToArray($directory, $recursive) { $array_items = array(); $i = "0"; if ($handle = opendir($directory)) { while (false !== ($file = readdir($handle)) && $i < "3") { if ($file != "." && $file != "..") { if (is_dir($directory. "/" . $file)) { if($recursive) { $array_items = array_merge($array_items, directoryToArray($directory. "/" . $file, $recursive)); } } else { $file = $directory . "/" . $file; $array_items[] = preg_replace("/\/\//si", "/", $file); $i++; } } } closedir($handle); } natsort($array_items); return array_reverse($array_items); } $data = directoryToArray('images/screenshot/', TRUE); print_r($data); ?> What I want is for the while loop to stop after 4 hits and exit and give me the return results. But now it continue until readdir end. hi i need some help . i see some person use bot traffic or proxey taffic software or script like jiggling and hitleap . they give a url of any sites then this software proxey view this websites.. i want asked can it possible stop these bot traffic its any procedure in php or javascript to stop this traffic..
I need a way to keep entrys into a database from being doubled. The issue is that on something like %7B%7D that is the same as {} in html. So if one is entered in with the percentages and one is entered in normal, the data base thinks they are two different items even though they could be the exact same thing. Now when I insert the new item into the data base the value ='s mysql_real_escape_string(htmlentities(item)) is how I do it now. This is wrong im guessing cause it could go with either of the above examples and puts them in as given. So my question here is kinda two parted. 1) how do I get it to insert the info one way or the other but never both being allowed. So {} will always show %7B%7D when inserted or visa versa. and 2) How do I take an existing database and sort threw it to make sure they are all the same as 1 codes the new ones in, and take out any possible dupilications due to the difference? I've tried this: <?php $xsblock = $_SERVER['HTTP_REFERER']; $url = "testchan"; $pos = strpos($xsblock, $url); if ($pos == false) { die(); } else { echo "content content content content content content content content"; } ?> How can I do this correctly? Thanks in advance! I need some quick help with this, This is my file upload row loop, I want to add the if <b>k = 4</b>, then you have reached the maximum upload. Or something to that Effect. PRetty much only allowing 4-upload per user, before stoping the upload feature.. row count Code: [Select] <?php $k = 4; //$n=5; for ($i=0, $n=count( $this->songs ); $i < $n; $i++) //for ($i=0, $n=count( $this->songs ); $i < $n; $i++) { $song = &$this->songs[$i]; $checked = JHTML::_('grid.id', $i, $song->id ); $link_edit = JRoute::_( 'index.php?userid='.$this->xxx->user_id.'&layout=form&id=' . $song->id .'&from=xxx'); $tick = JHTML::image("images/tick.png",JText::_('Yes')); $tick_file = JHTML::image("images/tick.png",JText::_('Yes'),array("title" => $xxx->filename)); $cross = JHTML::image("images/publish_x.png",JText::_('No')); ?> End row count Code: [Select] <?php $k = 1 - $k; } ?> Hi, Was just wondering if I could get help with this programming problem, I am programming a diary system that people can use to book appointments within time slots on a current day. I have the below code reading from three database tables (one for appointment details, one for the profile of whom booked the appointment and lastly a LEFT JOIN table of times from 09:00:00 to 17:30:00). The functionality of this diary of time slots is where there is a booked slot, slip the appointment attendee into that slot so the avaible link is not seen so no one can book over the appointment. This is where the problem comes into play, if there is an appointment expanding lets say 45 minutes which means other time slots will be taken, it just echos out the same appointment details so then I am getting it duplicating. for example down below; 09:00:00 - Booked Appointment (name) - Duration: 30 Minutes 09:15:00 - Booked Appointment (name) - Duration: 30 Minutes 09:30:00 - Booked Appointment (name) - Duration: 30 Minutes Now what I would like the solution to is if there is a way to maybe stop the duplication by showing the first row of the start time of the appointment and then change the the next rows to unavailable? Or even collapsing the time rows so if an appointment is booked at 09:00:00 for 30 mnutes, then the next available time slot would be 09:45:00 so the record would not duplicate. Here is a screenshot to help you a bit better - http://img185.imageshack.us/img185/7981/72314500.png Here is my source code, would appreciate any suggestions on how I would do this! <?php include('connection.php'); //Query $comment = "SELECT * FROM timeslots LEFT OUTER JOIN (SELECT time,endtime,status,firstname,secondname,duration FROM appointments INNER JOIN profile ON profile.id=appointments.id WHERE appointments.DATE = '" .$_GET['date']."') AS a ON a.time <= timeslots.timeslot AND a.endtime >= timeslots.timeslot"; $commentresult = mysql_query($comment); // If commentresult = false then query return fail if ($commentresult == false) { die("Your Query isn't working correctly! :-( "); } // If commentresult = true then echo below information with results if (mysql_num_rows($commentresult) >= 1) { // Start Rows while($cr = mysql_fetch_array($commentresult)) { // Start While Loop { // Process While Loop $_GET['time'] = $cr['timeslot']; $status = $cr['status']; if($status=="") { // Start IF Status // echo Available echo "<table border='0' width='800'> <tr><td width='35'><div class='content'>".$cr['timeslot']."</div></td> <td width='100'><div class='content'><a href='book_slot.php?date=".$_GET['date']."&id=".$_GET['id']."&time=".$_GET['time']."'>Available</a></div></td> <td width='100'><div class='content'></div></td> <td width='120'><div class='content'></div></td> </tr></table>"; } // End IF Status else { // Start ELSE status // echo Appointment within Time Slot echo "<table border='0' width='800'> <tr><td width='35'><div class='content'>".$cr['timeslot']."</div></td> <td width='100'><div class='content'>".$cr['status']."</div></td> <td width='120'><div class='content'>".$cr['firstname']." ".$cr['secondname']."</div></td> <td width='120'><div class='content'>".$cr['duration']." Minutes</div></td> </tr></table>"; } // End ELSE Status } // End Process While Loop } // End Loop } // End Row // Else statement else { echo "<img src='info.png'> There are no appointments for this day!"; } // Close database connection mysql_close($dbconnection); ///////////////////////////// ?> I have made a script that allows a user to change their email address. It works BUT if the email address they have chosen is already registered the script does not cut off - it continues to the next if statement and changes the email address anyway. I am trying to put a stop to it using exit() and exit; but it does not work. Any tips? <?php //////////////////// checking new email is not already registered ///////////////// if ($_POST['newemail'] && $_POST['newemail1'] !="") { if ($_POST['newemail'] == $_POST['newemail1']) { $sql2 = "SELECT email FROM Members WHERE email='$_POST[newemail]'"; $result2 = mysqli_query($cxn,$sql) or die ("Couldn't execute query 2"); $num2 = mysqli_num_rows($result2); if ($num2 > 0) { $updateerror = "The email address you have chosen is already registered."; include("my-account.php") exit(); // TRYING TO STOP THE SCRIPT HERE (IF $num2 > 0) exit; } else { echo "You can have this new email address";} } else { echo "Your email addresses do not match. Please try again."; } } else {} // THIS SCRIPT CONTINUES TO CHANGE THE EMAIL ADDRESS DESPITE IT ALREADY BEING REGISTERED. if ($_POST['newemail'] == "") { $newemail = $_POST['currentemail']; } else { $newemail = $_POST['newemail']; } $newemail1 = $_POST['newemail1']; ?> This may not the best place to post this but I'm sure quite a few people here can help. I have an a tag which uses the event trigger "onClick" However when I click on this link the page refreshes. Is there anyway I can stop this? I have copied my code below. <a href=\"#\" class=\"" . $a[$i] . "\" onClick=\"locationValue('" . $a[$i] . "', '" . $_GET['search_type'] . "')\"> Hello friends, I've php script that create files for example you enter file name (ex : test.php) file content (ex: any text ) it will create test.php file with the same content you entered. but the problem it add back slah \ before " or ' how can i stop it and make it not add back slash before " and ' here is the code <?php function saveFile($filename,$filecontent){ if (strlen($filename)>0){ $file = @fopen($filename,"w"); if ($file != false){ fwrite($file,$filecontent); fclose($file); return 1; } return -2; } return -1; } ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="domain" id="domain"> File name: <input name="filename" type="text" value="<?php echo $domainbase; ?>" /> File content: <textarea name="filecontent" rows="15" cols="46"></textarea> <input type="submit" name="submitBtn" value="Save file" /> </form> <?php if (isset($_POST['submitBtn'])){ $filename = (isset($_POST['filename'])) ? $_POST['filename'] : '' ; $filecontent = (isset($_POST['filecontent'])) ? $_POST['filecontent'] : '' ; if (saveFile($filename,$filecontent) == 1){ echo "File was saved"; } else if (saveFile($filename,$filecontent) == -2){ echo "An error occured during saving file"; } else if (saveFile($filename,$filecontent) == -1){ echo "Wrong file name"; } } ?> thank you alot it will really helps me alot I am trying to get information from a website and these information are seperated by <br> Quote Samsung ML-3310ND <br> AC Cable (UK) <br> CD/DVD (including Software/ Utilities/ Drivers and User Manuals) <br> Setup Guide <br> Black Toner Cartridge 2000 pages When I import this to the database it becomes Quote Samsung ML-3310NDAC Cable (UK)CD/DVD (including Software/ Utilities/ Drivers and User Manuals) Setup GuideBlack Toner Cartridge 2000 pages How would I get it exactly how it looks. so it doesnt print in one paragraph. this is the code I am using.. Code: [Select] $inbox = $html->find( "#ctl00_placeholderMain_pnlInTheBox" ); if ( isset( $inbox[ 0 ] ) ) { // Tidy it up - remove commas and weird Word chars $box = strip_tags( $inbox[0] ); //$box = substr( $box, strpos( $box, ";" ) + 1 ); $box = strpos($box, ';') !== FALSE ? substr( $box, strpos( $box, ";" ) + 1 ) : $box; $box = str_replace("", "<br>", $box ); } else { $box = "0"; } I need a way to start a program and store the PID, then manage to stop it at the users request later. Im not sure how i would go about this. It has to work on Windows, Any help? Thanks. Hi I have an include page full of functions in a secure folder with htaccess. My problem is if the include file does not exsist, I get the following. Warning: include(secure/SecureFunctions.php) [function.include]: failed to open stream: No such file or directory in /home/fhlinux190/d/otoole.co.uk/user/htdocs/streetangels/index.php on line 3 Warning: include(secure/SecureFunctions.php) [function.include]: failed to open stream: No such file or directory in /home/fhlinux190/d/otoole.co.uk/user/htdocs/streetangels/index.php on line 3 Warning: include() [function.include]: Failed opening 'secure/SecureFunctions.php' for inclusion (include_path='.:/usr/share/pear-php5') in /home/fhlinux190/d/otoole.co.uk/user/htdocs/streetangels/index.php on line 3 TIA Desmond. Fatal error: Call to undefined function session_init() in /home/fhlinux190/d/des-otoole.co.uk/user/htdocs/streetangels/index.php on line 6 Is there any way to suppress this as it is giving hackers information. Hello all. Is it possible to have a link that can start and stop a service on the web server? It is a windows 2003 server. Thanks, Mike I have a habit of doing stuff like such: Code: [Select] <div class="portal_box"> <h2>Welcome to ZombieCraft's Highscores!</h2> <div class="portal_content"> Here you can sort the pros from the noobs, or just simply see whos on top of their game. The highscores will show the highsest scores, greatest to least. If you want to see a certain user's score, then just use the search button! <?php $username = $_SESSION['loggedin']; $extract_user_rank = mysql_query("SELECT rank FROM users WHERE username='$username'"); $grab = mysql_fetch_assoc($extract_user_rank); if($grab['rank'] > 0) { echo "</br><br/><a href='control_panel.php'>Admin Control Panel</a>"; } else { //return nothing } ?> </div> </div> I've been told a good bit of times that I need to stop using HTML and PHP in the same lines. How would one accomplish this? Ok I'm trying to make word replace but I'm have some problems , first I have in my database row "words" have the words it look for to replace row "wordsys" have the replacement word the problem I'm have is let say the text I want to replace is "My friend is in here house" and row "words" has "My, In , here" in it and the replacement words are in wordsys has "In for My" "We for In" and "gone for here" so first it going to replace "My" with "In" that good ,but then it going back and replacing "In" the we just replaced with "We" and so forth who do I stop it from re-replace a word that it already replace. <?php //connect to database $textw = "My friend is in here house"; //load all replacements $result = mysql_query("SELECT * FROM data"); //replace all words $words = array(); $replacewords =array(); while ($row = mysql_fetch_assoc($result)) { $words[] = $row['words']; $replacewords[] = $row['wordsys']; } $text = str_replace($words,$replacewords,$textw); echo $text; ?> Thank you for your help Hello. Recently I've run into a bit of an issue with Path Traversal. I was searching a bit on solutions to it, but all I could find were sites telling you to fix it, and not showing examples of how. So, I've been running a few tests and seem to have the majority fixed. At least, the ones on Owasp's examples don't work.
I am making a file manager, so they can browse the public_html all they want. I just don't want anyone using ../, or the document root to browse through anything other than through the public_html.
So, here is the solution I have found that seems to work on everything I have seen:
<?php // Seems to solve plain-text, encoded, and null bytes $replace = array("%", ".."); $file = str_replace($replace, "", $_GET['file']); // ./ at the beginning to stop DOCUMENT_ROOT travel echo show_file_contents("./".$file); ?>And this is how the path is set up for file_get_contents to access: <?php function show_file_contents($file) { $path = $_SERVER['DOCUMENT_ROOT']."/".$file; } ?>My question is: Does this fully stop any directory traversal attempt? Edited by SarahBear, 09 November 2014 - 08:29 AM. I have a web app that uses an API that I wrote to communicate with my MySQL database that was written in PHP. Currently, each user of the API is required to authenticate before using the API with a username/password. Every API request is logged into a Requests_History table which stores the API request type, the timestamp and the userId of the requester. How can I easily stop hammering of the API via too many requests in a given time period? 1. first violation within 24 hours, 2 minute ban 2. second violation within 24 hours, 10 minute ban 3. second violation within 24 hours, 1 hour ban |