secure $_GET
- 7 Responses
- effour
I have some vulnerable code here and I have no idea how to secure it... I'm not a programmer, obviously.
if ($_GET['c'] != "") {
    include($_GET['c'].".php");
} else {
    include("root.php");
}
Any advice on how I can pass my variables in a secure way using $_GET would be appreciated.
Thanks.
- kinetic
validate your variables with if statements before you do anything with them
check to make sure they are what they should be
so if it's a number, use a number checking function, shit like that
http://www.google.ca/search?hl=e…
would be a good start... it's not specific to your problem but it will help you
- UndoUndo
dude that's really insecure, someone who knows the location of the pages could include any file on your server so DON'T post any links here. your condition only checks for the variable to be NOT empty.
to make it more secure you should check for known values of 'c'.
i.e.
$myVar = $_GET['c'];
switch($myVar){
    case:'home';
        include("home.php");
        break;
    case:'about';
        include("about.php");
        break;
}
add in extra 'cases' where you know the value and the file to include
- tomkat
and you could even go further with undo's method and put files and parameters relations into a database or an array, so you would not have to touch the code again
something like:
1. check GET parameter
2. check if existent in db
3. if existent load file
4. else exit()
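One way to put tomkat's four steps and UndoUndo's "known values of 'c'" check together is a single allowlist array, so a new page means adding one entry rather than another switch case. This is an added example, not code from any post in this thread; the page names and file paths are assumed, and it assumes PHP 7.1 or later.

```php
<?php
// Added example (not from the thread): allowlist-based include.
// Page names and file paths below are assumed for illustration.

// Step 2's lookup table: a fixed map from the public parameter value to the
// one file it is allowed to load. The request only ever selects a key; no
// part of it is used to build a path.
$pages = [
    'home'  => 'home.php',
    'about' => 'about.php',
];

function resolvePage(array $pages, ?string $requested, string $default = 'home'): ?string
{
    // Step 1: a missing or empty parameter falls back to the default page.
    if ($requested === null || $requested === '') {
        $requested = $default;
    }

    // Step 2: accept only an exact match on a known key. array_key_exists is
    // an exact key lookup, not a loose == comparison, so values such as
    // "home\0" or "../x" simply are not found.
    if (!array_key_exists($requested, $pages)) {
        return null;
    }

    // Step 3: the path comes from the map, never from the request.
    return $pages[$requested];
}

// ?c[]=x would make $_GET['c'] an array; treat anything but a string as absent.
$param = isset($_GET['c']) && is_string($_GET['c']) ? $_GET['c'] : null;
$file  = resolvePage($pages, $param);

if ($file === null) {
    // Step 4: unknown page, stop here instead of including anything.
    http_response_code(404);
    exit('Page not found');
}

include __DIR__ . '/' . $file;
```

Because the included filename is taken from the array and the request string is only ever compared against its keys, a request like ?c=../../etc/passwd fails the lookup and reaches exit() without touching the filesystem.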
- effour
Thanks for the help, guys. I can't get this working though... any reason as to why?
$myVar = $_GET['c'];
switch($myVar){
    case:'home';
        include("home.php");
        break;
    case:'about';
        include("about.php");
        break;
}
Thanks for all your help... this is killing me!
- cosmo
echo out $_GET['c'];
Add that line and see what result is displayed. Another thing you should do is use $_REQUEST['c'] instead of $_GET. $_REQUEST is a better way to retrieve the value.
- UndoUndo
sorry, my mistake, I made an error with the code
$myVar = $_GET['c'];
switch($myVar){
    case "home":
        include("home.php");
        break;
    case "about":
        include("about.php");
        break;
}
that should work now
- cereals
Why is $_REQUEST a better way? I wouldn't think so; at least if you use $_GET then you know it's coming through $_GET and not through $_POST or $_COOKIE.
Request covers too many scopes (the ones mentioned above); you should explicitly know where it's coming from and not just guess...
$_REQUEST is bad coding practice!