$_POST a bug?

Bogey:

In my simple login + redirect mod, I use $_POST['name'] directly in ucp.php?mode=login, and some people told me that it may be a security issue. I tested and tried to log in from another site using the same field names, where the action pointed to ucp.php?mode=login on my site, and it didn't do anything other than go to the login page with the same form.

But the form was on my computer locally and not on a host, but I'm still in doubt... is it really a security hazard?

spork:

// moved to Programming

In what context are you using the POST variable? If it has anything to do with a database query, then you need to be sanitizing it before it ever comes close to any SQL.

Could you post a snippet of code to show the context of where you're using it?

Bogey:

Yes, Mr. Moderator Spork, the code in context can be found in my phpBB3 mod.

It has nothing to do with SQL.

Bogey:

Well, can it be a security bug or not?

Bogey:

Ahhh! The secrets of life :)

I suppose it's safe then.

alex89:

I guess we shall never know. You could post the link of your new forum and get people to try a few 'sploits?

spork:

Any piece of code has the potential to be a security risk if written poorly. The language construct itself is rarely the problem; it's the way it's used.

Bogey:

I provided the code, but if you missed it, here it is again. I just want to be 100% sure that it's safe. I think that I have written that correctly...

spork:

Ah, I see. Well, the problem there is that you aren't checking the supplied URL to ensure it's within your domain. If someone were to hijack your form, they could potentially have your site redirect a user to any third-party website they wish.
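The open-redirect problem spork describes, and one way to close it, as an added example that is not code from the mod or from this thread. It assumes the mod reads the post-login destination from a hypothetical $_POST['redirect'] field and hands it to header('Location: ...'); the check keeps only same-site, path-only targets and falls back to a safe default for everything else.

```php
<?php
// Added example, not from the thread or the mod. Returns a redirect target that is
// safe to put in a Location header: only a plain same-site path is accepted.
function safe_redirect_target(string $candidate, string $default = '/index.php'): string
{
    // Must start with exactly one "/": this rejects absolute URLs (http://other.example/),
    // bare paths, and scheme tricks such as "javascript:" or "data:".
    if ($candidate === '' || $candidate[0] !== '/') {
        return $default;
    }
    // "//host" is a protocol-relative URL and "/\host" is normalised to one by some
    // browsers, so a second "/" or "\" means the target is really another site.
    if (isset($candidate[1]) && ($candidate[1] === '/' || $candidate[1] === '\\')) {
        return $default;
    }
    // Backslashes, CR/LF and NUL have no place in a path; CR/LF would also allow
    // header injection if an older PHP let them through to header().
    if (strpbrk($candidate, "\\\r\n\0") !== false) {
        return $default;
    }
    // Defence in depth: a relative path must parse without a scheme, host or userinfo.
    $parts = parse_url($candidate);
    if ($parts === false || isset($parts['scheme']) || isset($parts['host']) || isset($parts['user'])) {
        return $default;
    }
    return $candidate;
}

// Vulnerable pattern discussed in the thread: trusting the posted value directly.
//   header('Location: ' . $_POST['redirect']);   // open redirect to any site

// Hardened pattern (hypothetical field name 'redirect'):
//   header('Location: ' . safe_redirect_target($_POST['redirect'] ?? ''), true, 303);
//   exit;

// Constructed sample inputs (not from the thread) showing the decision each one gets.
$samples = [
    '/ucp.php?mode=login'   => '/ucp.php?mode=login',  // same-site path: kept
    '/viewtopic.php?t=42'   => '/viewtopic.php?t=42',  // same-site path with query: kept
    'http://other.example/' => '/index.php',           // absolute URL: rejected
    '//other.example/login' => '/index.php',           // protocol-relative: rejected
    '/\\other.example'      => '/index.php',           // backslash variant: rejected
    'javascript:alert(1)'   => '/index.php',           // scheme, not a path: rejected
    ''                      => '/index.php',           // empty: default
];
foreach ($samples as $in => $expected) {
    $out = safe_redirect_target($in);
    printf("%-26s -> %-22s %s\n", var_export($in, true), $out, $out === $expected ? 'ok' : 'MISMATCH');
}
```

phpBB3's own redirect() in includes/functions.php performs a comparable same-host check unless its $disable_cd_check argument is set, so routing the mod's destination through it instead of calling header() directly is also worth considering.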

Bogey:

Oh, I see... I guess I must update it then and fix that issue :) Thanks, spork. I appreciate it very much... especially since I waited for more than half a year for the answer :lol:

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.