php - Secure URL functions? -


my company's website got hacked, , i'm restoring website caution. company wants site possible don't have enough time re-code software's vulnerabilities away, i'm restoring after doing following:

  1. disabling input forms website. (basically, forms said action = someform.php renamed someform.php on server someform1.php nothing gets database. deal pdo , protection sql injections later).
  2. with no forms left, there's no $_post input take care of, there's still $_get. every page takes in query string, i've put check on every $_get[''] variable , made sure process when it's numeric should be. eg. if(isset($_get['page_id']) && is_numeric($_get['page_id'])) { /* */ }. hacker seemed have broken through using sql injections.
  3. with section of website (accessible company staff @ moment), i've made password protected folder. know hacker still use anonymous ftp or in using other ways, i'm hoping @ least avoid sql injections initially, thought password protected folder help. on top of existing secure login.
  4. i'm worried url. i'm not sure how secure or isn't, it's bilingual website, , way it's going (this part of code previous developer , don't understand it):

if($_server['server_name'] == 'localhost' || $_server['server_name'] == 'salman'){     $url =zeej_dir.curpagename().'?'.$_server["query_string"]; } else {     $url ='/'.curpagename().'?'.$_server["query_string"]; } $change_url = "http://".$_server['server_name'].$url;   if($_session['ln'] == 'en'){          echo '<img src="'.getsiteurl().'images/arabicicon.jpg" alt="arabic" width="15" height="15" />';         echo '<a href="'.getsiteurl().'change_session.php?page_url='.base64_encode( $change_url ).'" class="top_frametext">arabic</a>';     } else {         echo '<img src="'.getsiteurl().'images/engicon.jpg" alt="english" width="15" height="15" />';         echo '<a href="'.getsiteurl().'change_session.php?page_url='.base64_encode( $change_url ).'" class="top_frametext">english</a>';     }

and code change_session.php:

@session_start(); $page_url = isset($_request['page_url'])?$_request['page_url']:'';  if($_session['ln'] == 'en'){     $_session['ln'] ='ar'; } else {     $_session['ln'] ='en'; }  header("location: ".base64_decode($page_url));exit;

are there vulnerabilities here via url? or reasonably secured far?

one hint/note: regarding sql injection mentioned, make sure you're , everywhere using http://php.net/manual/en/pdo.prepared-statements.php

regarding changing language (in session). code seems safe since nobody inject or change something.

under line:

however, see 1 problem in url construction. uses base64_encode method make url "secure". however, can decode (since base64 encoding). long-term, may try using symetric encryption genereted key stored in user's session. way, nobody use url generated else.

anyway, changing language harmless in case. above mentioned proposal resources/operations needs secured. mean authorized person access (and not have stolen url). there are, of course, other ways how protect site. 1 practical advice.


Comments

Post a Comment

Popular posts from this blog

SPSS keyboard combination alters encoding -

my question not have programming practical issue on spss. accident keyword combination cannot remember because did not intend press changed encoding in spss , text in data in different language english shown small boxes. nevertheless, when kind of analysis performed different language text shown in output. does know reason? tried change encoding did not produce result. first, @ edit > options , see whether setting unicode or locale. might fix it. if have text in multiple languages, want unicode. otherwise, may have specific locale set wrong. can change set locale, need know locale want use.
Read more

Add new record to the table by click on the button in Microsoft Access -

in ms access form want implement separate button, adds new record table. in order added button , attached button event: private sub btnaddrec_click() refresh codecontextobject on error resume next docmd.gotorecord , , acnewrec if err.number <> 0 btnaddrec.enabled = false end if end end sub everything ok when open window , click btnaddrec button, problem when first of perform navigation through existed records , after click on button. got runtime error: 2105: «you can't go specified record. may @ end of recordset» . how solve issue, need have ability add new record on click on specific button, no matter, have walked or not walked through records before. thanks. i created simple form field call description (and autonumber) , created button code follows click event. filled number of records , navigated through them, clicked addnewrec button. form navigated new record without issues. able click addnewrec button directly after
Read more

javascript - jQuery .height() return 0 when visible but non-0 when hidden -

i have problem here right opposite others: in jquery cannot height of element when it's visible, when hidden. have html code: <div id="filtering-filter-holder"> <div id="filtering-filter-holder-inner"></div> </div> basic css it: #filtering-filter-holder { display: none; position: absolute; width: 420px; min-height: 100px; padding: 5px 5px 5px 5px; background-color: #ffffff; border: 1px solid #164372; } and finally, js in document.ready(): $('div.filtering-filter-headline').mouseenter(function() { var el = $(this).parent().find('div.filtering-filter-content'); if ($('div#filtering-filter-holder').is(':visible')) { $('div#filtering-filter-holder-inner').stop(true, true).fadeout(300, function() { $('div#filtering-filter-holder-inner').html($(el).html()); var height = $('div#filtering-filter-holder-inner&#
Read more