Your system is attacked by basically two groups of people:
These are the main kinds of attack:
Cross-site scripting – This kind of attack inserts harmful code, usually JavaScript, into the page. It is typically delivered through user input forms such as comment forms and contact forms.
SQL Injection – This kind of attack adds harmful code to SQL statements. It can be delivered either through user input forms or through URLs that carry variables.
The injected code comments out the condition in the WHERE clause of an SQL statement.
Now let's look at some PHP security tips that we must consider when developing our applications:
The strip_tags function removes JavaScript, HTML or PHP tags from a string.
This function is useful for protecting our applications from attacks such as cross-site scripting.
Let’s take an example of an application that accepts comments from users.
<?php
$user_input = "phptpoint is Awesome";
echo "<h4>This is my Commenting System</h4>";
echo $user_input;
?>
Assuming you have saved this as comments.php (if you use XAMPP, you can do that in your htdocs folder).
Let's assume you receive the following as the user input: <script>alert('welcome to phptpoint!');</script>
<?php
$user_input = "<script>alert('welcome to phptpoint!');</script>";
echo "<h4>This is my Commenting System</h4>";
echo $user_input;
?>
Browse to the URL http://localhost/demo/comments.php
Let's now secure our application from such attacks using the strip_tags function.
<?php
$user_input = "<script>alert('hello phptpoint!');</script>";
echo strip_tags($user_input);
?>
Browse to the URL http://localhost/demo/comments.php
The filter_var function is used for data validation and sanitization.
Validation checks whether the data is of the expected type; for example, running a numeric validation on a string returns false.
For complete reference check this link filter_var.
Sanitization removes illegal characters from a string.
It uses the filter_var function with the FILTER_SANITIZE_STRIPPED constant to strip tags or encode unwanted characters. This filter helps to remove data that could be harmful to your application.
Let's take an example:
<?php
$user_input = "<script>alert('Your site sucks!');</script>";
echo filter_var($user_input, FILTER_SANITIZE_STRIPPED);
?>
mysql_real_escape_string function - This function protects an application against SQL injection and is used to create a legal SQL string.
Let's take an example: the SQL statement for validating the user id and password.
SELECT userid,pswd,role FROM users WHERE userid = 'admin' AND password = 'pass';
A malicious user can enter the following in the user id login box: ' OR 1 = 1 -- and abcd in the password text box. Below is the authentication code module.
<?php
$userid = "' OR 1 = 1 -- ";
$pswd = "abcd";
$sql = "SELECT userid,pswd,role FROM users WHERE userid = '$userid' AND password = '$pswd';";
echo $sql;
?>
HERE,
Let's now use the mysql_real_escape_string function to secure the login module.
<?php
$userid = mysql_real_escape_string("' OR 1 = 1 -- ");
$pswd = mysql_real_escape_string("abcd");
$sql = "SELECT userid,pswd,role FROM users WHERE userid = '$userid' AND password = '$pswd';";
echo $sql;
?>
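As an added example that is not part of this tutorial, the same login check is run below against an in-memory SQLite database through PDO, so it can be executed without a MySQL server: the concatenated query is compared with a prepared statement (a parameterised query, which is the alternative to escaping the input). The table, columns and sample user are constructed for the demonstration.

```php
<?php
// Added example (not from the tutorial): in-memory SQLite via PDO, so no MySQL server is needed.
// The users table, its columns and the sample user are constructed for this demonstration.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (userid TEXT, pswd TEXT, role TEXT)");
$db->exec("INSERT INTO users VALUES ('admin', 'secret', 'administrator')");

// Vulnerable: the input is concatenated straight into the statement, so the
// "' OR 1 = 1 -- " payload from the tutorial comments out the password check.
function loginUnsafe(PDO $db, string $userid, string $pswd): ?array {
    $sql = "SELECT userid, role FROM users WHERE userid = '$userid' AND pswd = '$pswd'";
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Hardened: a prepared statement sends the query text and the values separately,
// so the input is only ever compared as data and cannot change the WHERE clause.
function loginSafe(PDO $db, string $userid, string $pswd): ?array {
    $stmt = $db->prepare("SELECT userid, role FROM users WHERE userid = ? AND pswd = ?");
    $stmt->execute([$userid, $pswd]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$userid = "' OR 1 = 1 -- ";
$pswd = "abcd";

// With the payload, the concatenated query matches the admin row although the password is wrong.
var_dump(loginUnsafe($db, $userid, $pswd));
// With the prepared statement, no user has that literal userid, so nothing is returned.
var_dump(loginSafe($db, $userid, $pswd));
// A legitimate login still works through the prepared statement.
var_dump(loginSafe($db, 'admin', 'secret'));
```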
SHA1 is the acronym for Secure Hash Algorithm 1 and MD5 is the acronym for Message Digest 5.
Both functions are used to encrypt strings.
Once a string has been encrypted, it is tedious to decrypt it.
MD5 and SHA1 are very useful when storing passwords in the database.
The code below shows the use of md5 and sha1:
<?php
echo "MD5 Hash: " . md5("password");
echo "SHA1 Hash: " . sha1("password");
?>
Assuming you have saved the file as hashes.php in your folder, browse to the URL