Hello one and all.
Despite having been registered for ages, this is my first post. I've always tried to search the forums and read stuff before posting as I know places like this can get clogged up with the same old things.
Anyway, I can't find anything specific to my cause so I thought I'd post.
I'm pretty much a total amateur at PHP as I'm a designer first and foremost - as such I'm slow to learn and everything I do has to be learnt with a certain amount of trial and error.
Anyway, I have a Flash game which works OK, and I'm submitting scores to a database which can then be displayed in a PHP page. Basic stuff for most of you I imagine.
My problem is security. If this project becomes even moderately popular (and I class that as people outside the circle of my immediate friends), I want reassurance that some nutcase is not going to start doing weird things to any of my stuff, as it were.
Like I say, it's simple enough stuff:
<?php
$Host = "localhost";
$User = "username";
$Password = "password";
$db = "database";
$Link = mysql_connect ($Host, $User, $Password);
mysql_select_db($db, $Link)
or die("<br>Error connecting to database".mysql_error());
$name = trim($name);
$email = trim($email);
mysql_query("INSERT into table values(
'$total',
'$name',
'$email')")
or die("<br>Error submitting data".mysql_error());
mysql_close ($Link);
$adminaddress = "mail@mydomain.co.uk";
mail("mail@mydomain.co.uk","New submission", "Using: $HTTP_USER_AGENT
Hostname: $ip
IP address: $REMOTE_ADDR
Date/Time: $date","FROM:$adminaddress");
?>
is the code for submitting the scores and on the page displaying the scores there is:
<?php
$Host = "localhost";
$User = "username";
$Password = "password";
$db = "database";
$table = "table";
$Link = mysql_connect ($Host, $User, $Password);
mysql_select_db ($db) or die ("Cannot connect to database");
$query = "SELECT * FROM $table ORDER BY total DESC";
$result = mysql_db_query ($db, $query, $Link);
mysql_close ($Link);
?>
with this code in the body of the HTML:
<?php
while($row=mysql_fetch_array($result)){
echo $row['total']," ", $row['name'], "<br>";
}
?>
That's probably as easy to hack into as a paper bag, I just don't know. Which bits need to be secure? All of them?
Any help would be much appreciated, whether it be direct help or a push in the right direction.
Thanks.
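
Added example, not part of the original post: one way to harden the two scripts above, validating each submitted field, passing values to the database through placeholders instead of building the SQL string from them, and escaping names when the score table is printed. The table name `scores`, the 1,000,000 score ceiling, the 30-character name limit and the in-memory SQLite connection (used so the example runs offline) are assumptions; the sample requests are constructed.

```php
<?php
// Added example (not the poster's code). Assumed: table "scores", a score
// ceiling, and an in-memory SQLite DSN; use a mysql: DSN on a real server.
declare(strict_types=1);

function open_db(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE scores (total INTEGER, name TEXT, email TEXT)');
    return $pdo;
}

// Check every request field; return null if anything is out of bounds.
function validate_submission(array $in): ?array {
    $total = filter_var($in['total'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 1000000]]);
    $email = filter_var($in['email'] ?? null, FILTER_VALIDATE_EMAIL);
    $name  = is_string($in['name'] ?? null) ? trim($in['name']) : '';
    if ($total === false || $email === false) return null;
    if ($name === '' || strlen($name) > 30) return null;
    return ['total' => $total, 'name' => $name, 'email' => $email];
}

// Placeholders send the values separately from the SQL text.
function save_score(PDO $pdo, array $row): void {
    $pdo->prepare('INSERT INTO scores (total, name, email) VALUES (:total, :name, :email)')
        ->execute($row);
}

// Escape on output so a stored name is shown as text, never as markup.
function render_scores(PDO $pdo): string {
    $html = '';
    foreach ($pdo->query('SELECT total, name FROM scores ORDER BY total DESC') as $r) {
        $html .= (int)$r['total'] . ' '
               . htmlspecialchars($r['name'], ENT_QUOTES, 'UTF-8') . "<br>\n";
    }
    return $html;
}

$pdo = open_db();
$requests = [ // constructed sample input; in a real page this is $_POST
    ['total' => '4200', 'name' => "O'Brien",    'email' => 'a@example.com'],
    ['total' => '9100', 'name' => '<b>Bob</b>', 'email' => 'b@example.com'],
    ['total' => 'lots', 'name' => 'Carol',      'email' => 'c@example.com'],
];
foreach ($requests as $req) {
    if (($row = validate_submission($req)) !== null) save_score($pdo, $row);
}
echo render_scores($pdo);
```

The range check only bounds the total; a score computed inside the Flash client can still be forged by whoever runs that client, so the server cannot treat it as proof the score was earned.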