avoiding XSS vulnerability by putting HTMLSPECIALCHARS() function
hallo every body: I checked my website for security issues (vulnerabilities). the report said that there is a XSS vulnerability, in my login.php page in fact i try to fix this problem by putting the htmlspecialchars() in a variable that send to my database, but i am not sure if this is correct
here is my PHP code for login.php page:
<?php require_once('../Connections/minisrty.php'); ?>
<?php
// *** Validate开发者_JAVA百科 request to login to this site.
if (!isset($_SESSION)) {
session_start();
}
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}
if (isset($_POST['user'])) {
**htmlspecialchars($loginUsername=$_POST['user'],ENT_QUOTES,'utf-8');**
**htmlspecialchars($password=$_POST['pass'],ENT_QUOTES,'utf-8');**
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "insertion.php";
$MM_redirectLoginFailed = "login.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_minisrty, $minisrty);
$LoginRS__query=sprintf("SELECT username, password FROM log WHERE username='%s' AND password='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));
$LoginRS = mysql_query($LoginRS__query, $minisrty) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
will this work ..???
$filtered_variable = htmlspecialchars($bad_variable, ENT_QUOTES);
And you should use mysql_real_escape_string() on variables that are being put in a SQL query to avoid SQL injections.
加载中,请稍侯......
精彩评论