MySQL Injection question


norNerd
Hi, if I use strlen() to check the length of a string, let's say a username, and I make it so users can't have more than 8 characters, will that set a little limit for the injection, or will attackers be able to bypass this in some way? And to avoid scripting, I can just make it so <script></script> isn't allowed, right?

It's really wrong to think of security in terms of blacklisting... attackers will always find a way to bypass a blacklist. Instead, you should think in terms of a whitelist. Also, instead of trying to forbid a character or a character combination, allow it in a way that makes it harmless.

In the case of SQL injection, this means using mysql_real_escape_string() to escape any data being input.

In the case of XSS attacks (ones involving inserting a script element, as per your second example), the best way to stay secure is to either disallow (X)HTML completely, escaping everything with htmlentities() or htmlspecialchars() instead, or alternatively (what I'd use instead) create an XML Schema or DTD with only the elements and attributes that you allow (again, a whitelist) and validate any input against that. Option 3 (and what forums and wikis use) is to create your own pseudo-language, à la BBCode or wiki code, and turn that into predefined pieces of HTML.

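As an added illustration of the points in the question and the reply above (this is example code, not anything posted in the thread): the length check alone does not stop injection, because a working payload fits inside 8 characters, while binding the input as a parameter (used here as the stand-in for escaping it with mysql_real_escape_string()), or whitelisting the characters a username may contain, does. The second half shows why a "<script> is not allowed" blacklist fails against markup that never uses that tag, and what escaping the output does instead. Assumptions: an in-memory SQLite database replaces MySQL so the example runs offline (the payload uses SQLite's `--` comment; MySQL would take `' OR 1#`, which is even shorter), and the table layout and helper names are invented for the demo.

```python
import html
import re
import sqlite3

MAX_USERNAME = 8  # the strlen() limit from the question


def make_db():
    """Constructed sample data: one user in an in-memory SQLite database.
    (Assumption: SQLite stands in for MySQL; the table is invented.)"""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, pw TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    return conn


def login_concat(conn, name, pw):
    """Vulnerable: the username is length-checked, but the query is still
    built by string concatenation, so quotes in the input become SQL."""
    if len(name) > MAX_USERNAME:
        return False
    sql = f"SELECT 1 FROM users WHERE name = '{name}' AND pw = '{pw}'"
    return conn.execute(sql).fetchone() is not None


def login_param(conn, name, pw):
    """Safe: name and pw are bound as parameters, so the database never
    parses them as SQL. This plays the role escaping does in the reply."""
    if len(name) > MAX_USERNAME:
        return False
    sql = "SELECT 1 FROM users WHERE name = ? AND pw = ?"
    return conn.execute(sql, (name, pw)).fetchone() is not None


# Whitelist from the reply: only the characters a username actually needs,
# and at most 8 of them. Everything else is rejected up front.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,8}")


def username_allowed(name):
    return USERNAME_RE.fullmatch(name) is not None


def blacklist_script(s):
    """The question's idea: reject anything containing a <script> tag.
    Returns True when the input is *accepted* by the blacklist."""
    return "<script" not in s.lower()


def render_safe(s):
    """Escape for HTML output, the equivalent of PHP's htmlspecialchars()."""
    return html.escape(s, quote=True)


if __name__ == "__main__":
    conn = make_db()
    payload = "' OR 1--"          # 8 characters: passes the strlen() check
    print("concat login with payload:", login_concat(conn, payload, "x"))  # True
    print("param login with payload: ", login_param(conn, payload, "x"))   # False
    print("whitelist accepts payload:", username_allowed(payload))         # False

    markup = "<img src=x onerror=alert(1)>"  # no <script>, still runs JS
    print("blacklist accepts markup: ", blacklist_script(markup))          # True
    print("escaped output:           ", render_safe(markup))
```

Run it as-is to see the concatenated login accept an 8-character payload that the bound-parameter version and the whitelist both reject, and the `<script>` blacklist wave through an image tag with an event handler that `render_safe` neutralises by escaping the angle brackets.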
