How To Avoid $_SERVER["PHP_SELF"] Exploits?

-
If a user enters the normal URL in the address bar like "http://www.example.com/test_form.php", the above code will be translated to:

<form method="post" action="test_form.php">

So far, so good.
However, consider that a user enters the following URL in the address bar:
 
http://www.example.com/test_form.php/%22%3E%3Cscript%3Ealert('hacked')%3C/script%3E

In this case, the above code will be translated to:

<form method="post" action="test_form.php/"><script>alert('hacked')</script>


$_SERVER["PHP_SELF"] exploits can be avoided by using the htmlspecialchars() function.

The form code should look like this:
 
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">

The htmlspecialchars() function converts special characters to HTML entities. Now if the user tries to exploit the PHP_SELF variable, it will result in the following output:

<form method="post" action="test_form.php/&quot;&gt;&lt;script&gt;alert('hacked')&lt;/script&gt;">

Comments

Post a Comment

Popular posts from this blog

Script For Login, Logout and View Using PHP, MySQL and Bootstrap

-
Image
I am assuming here that you are familiar with HTML and CSS. I have commented the code with the necessary information in the major part of the code. So you can understand easily. I have also attached the source code so you can download it and use it. Let's start. Note: I have updating this article on my personal blog. The following are the points we will be learn in this article: Creating Database in phpmyadmin. Create connection with MySQL database. Insert, delete and view data from MySQL database. Some Bootstrap components. Sessions in PHP. Files and IDE: Registration Login Logout Welcome Admin_login View_users Db_conection Delete.php I am using PHPStorm for the coding and Bootstrap framework for front end development. Create Database: Create Tables: Create columns in Users table: Crate Admin Table: Create Admin Columns: Registration.php: <html>   <head lang= "en" >      ...
Read more

Hyperledger Development with in 10 days — Day 6

-
Image
Chaincode Development Introduction For the first five days, we have seen the concepts of Hyperledger fabric and various components of it. We have started our own network, deployed the simple smart contract. We have done transactions, we transferred data privately. In this part we are going to look into Chaincode development aka smart contract development for Hyperledger Fabric. We know that chaincode is running in different docker container once it is instantiated on channel isolating from the peers. Typically smart contract is the business logic agreed by the members to execute with consensus. However within the same network multiple many chaincode might be running on different channels. “Without appropriate permissions a chaincode cannot invoke another chaincode”. Various levels of Chaincodes There are two perspective on chaincodes. First, the perspective of the developer who is developing blockchain application — Chaincode for developers Second, the bl...
Read more

Insert CheckBox and Radio button Data in MySQL Database Using PHP

-
Image
MY-SQL Code CREATE DATABASE IF NOT EXISTS databasename; CREATE TABLE students( student_name varchar(255) NOT NULL, student_email varchar(255) NOT NULL, student_contact varchar(255) NOT NULL, student_address varchar(255) NOT NULL, stars varchar(25) NOT NULL, sports varchar(25) NOT NULL, gender text(25) NOT NULL, )     Download Code     LIVE DEMO   page- formelements.php   php code <?php $connection = mysqli_connect("localhost", "root", "","formdatainsert"); // Establishing Connection with Server //$db = mysql_select_db("colleges", $connection); // Selecting Database from Server if(isset($_POST['submit'])){ // Fetching variables of the form which travels in URL $name = $_POST['name']; $email = $_POST['email']; $contact = $_POST['contact']; $address = $_POST['address']; $sports=implode(' , ',$_POST['sports']); $star=implode(' , ',$_POST['star']); ...
Read more