Hi Yes, I see your point. Guess I'm way too trusting a person, should think like a criminal...
So you're basically saying I should always place sensible "default values" in my script and then compare the $_POST vars, else stick to the default, ie, have the $_POST overwrite your default before the script can use it? Petre On Tue, 2003-07-15 at 17:39, David Otton wrote: > On Tue, 15 Jul 2003 16:47:22 +0200, you wrote: > > >Well, it should never be, it comes from a drop down that only has 3 options, > >any, all or exact > >Any caveats there? > > "You can't trust the client". I can submit any data I want to your script, > most easily by knocking up my own form: > > <form method="post" action="http://domain.com/yourform.php";> > <input type="hidden" name="any_all" value="xyzzy"> > <input type="submit" name="go"> > </form> > > In this particular case, it's no big deal - your script exits gracelessly, > but no real harm is done. However, the same class of attack (injecting > unexpected data into a script) can cause far more serious problems. > > What I'm trying to say is that it will pay off in the future if you learn a > defensive coding style now. Assume that all input from the outside world is > potentially malicious. > > The code we're takling about can easily be made safe: > > $logic = "exact"; > if ($_POST[any_all] == "any") { > $logic = "or"; > } elseif ($_POST[any_all] == "all") { > $logic = "and"; > } > > BTW, try putting > > error_reporting(E_ALL); > > at the top of the script to flag the string literal problem I mentioned > originally, and see what happens if any_all isn't in the $_POST array at > all. > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
