security hole in image folder
Posted: Mon Jul 13, 2009 2:34 am
hi, there is some security hole in the script below. I'm new in php
Could somebody help me.
Some hackers put in my image folder some malicious scripts.
Help
<?php
class employer {
function showEmployer($email) {
$qry="Select * from employer_information where email='$email'";
$result=mysql_query($qry);
$reocrds=mysql_fetch_array($result);
return $reocrds;
}
function showEmployerbyID($eid) {
$qry="Select * from employer_information where eid='$eid'";
$result=mysql_query($qry);
$reocrds=mysql_fetch_array($result);
return $reocrds;
}
function emplyeUpdation($txtCName,$txtDescription,$txtContact,
$country,$txtCity,$txtPostal,$txtAddress,$txtPhone,$mobile,$txtFax,$txtURL,$email) {
$qryUpdate="Update employer_information Set contact_name='$txtContact', company_name='$txtCName', country=$country,city='$txtCity',
postal_zip='$txtPostal', cprofile='$txtDescription', phone='$txtPhone', mobile='$mobile', fax='$txtFax', url='$txtURL', address='$txtAddress',
updated_date=sysdate() where email='$email'";
mysql_query($qryUpdate) or die("Query Could not Exexute Due to ".mysql_error());
return 12;
}
function editLogo($image,$email) {
$uFolder="logos/";
$_FILES['fleLogo']['name']=$image;
echo $type=$_FILES['fleLogo']['type'];
$size=$_FILES['fleLogo']['size'];
$employer=$this->showEmployer($email);
$fileName=$employer[0].$_FILES['fleLogo']['name'];
if($size > 250000 ) {
return 10;
}
if($type!="image/pjpeg" && $type!="image/bmp" && $type!="image/x-png" && $type!="image/gif") {
return 10;
}
else {
$qry="Update employer_information Set logo='$fileName' where email ='$email'";
mysql_query($qry) or die ("Logo can't upload ".mysql_error());
move_uploaded_file($_FILES['fleLogo']['tmp_name'], $uFolder . $fileName);
return 12;
}
}
function changePasword($email,$password,$oldPassword) {
$qryEmail="Select password from employer_information where email = '$email'";
$resultEmail=mysql_query($qryEmail);
$recordsEmail=mysql_fetch_array($resultEmail);
if($recordsEmail['password']==$oldPassword) {
$qry="Update employer_information Set password='$password' where email ='$email'";
mysql_query($qry) or die("Password Could not Changed Due to ".mysql_error());;
$employer=$this->showEmployer($email);
$subject="Euro Golf Jobs Changed Password";
$from="From: Euro Golf Jobs <not_reply@eurogolfjobs.com>";
$body="Your User Name is ".$email."<br><br>Password is ".$employer['password'];
mail($txtEmail,$subject,$body,$from."\r\nContent-type: text/html; charset=us-ascii");
return 12;
}
else
return 10;
}
function addNewJob($industry,$subindustry,$txtPosition,$ddlEdu,$ddlEdu2,$ddlEdu3,$ddlExp,$txtSalary,$country,$ddlGender,$expiry,$txtDetail,$txtDetail2,$eIds,$jobType,$country,$city,$paket,$adverts) {
list($day,$month,$year)=split("-",$expiry);
$expiry=$year."-".$month."-".$day;
$qry="Insert into add_job(eid,position,industry_type,subindustry_type,employement_type,location_job,
experience,education,qualifications,chainsaw,salary,job_posted,job_expire,job_updated,gender,description_respon,description_native,city)
Values($eIds,'$txtPosition',$industry,$subindustry,'$jobType',$country,
'$ddlExp','$ddlEdu','$ddlEdu2','$ddlEdu3','$txtSalary',sysdate(),'$expiry',sysdate(),'$ddlGender','$txtDetail','$txtDetail2','$city')
";
mysql_query($qry) or die ("New job can't be added".mysql_error());
if($adverts > 0) {
$newadverts = $adverts - 1;
if($newadverts < 1) {
$advert_enabled='No';
}
else {
$advert_enabled='Yes';
}
}
$qry="Update employer_information Set advert_enabled='$advert_enabled', number_of_adverts='$newadverts' where eid ='$eIds'";
mysql_query($qry);
echo "<script language=JavaScript>
window.location='addjobs.php?mes=1'
</script>";
}
function showEmolyerJobs($eIds) {
$qry="Select * from add_job where eid=$eIds order by job_posted Asc";
$result=mysql_query($qry);
return $result;
}
function showSlectedJobs($jid) {
$qry="Select * from add_job where jid=$jid";
$result=mysql_query($qry);
$records=mysql_fetch_array($result);
return $records;
}
function deleteJobs($jid) {
$qry="Delete from add_job where jid=$jid";
mysql_query($qry);
echo "<script language=JavaScript>
window.location='index.php?mes=1'
</script>";
}
function activeJobs($jid,$status) {
if($status==1) {
$val=0;
}
else if($status==0) {
$val=1;
}
$qry="Update add_job set status_job=$val where jid=$jid";
mysql_query($qry);
echo "<script language=JavaScript>
window.location='active.php?mes=1'
</script>";
}
function updateJob($industry,$subindustry,$txtPosition,$ddlEdu,$ddlEdu2,$ddlEdu3,$ddlExp,$txtSalary,$country,$ddlGender,$expiry,$txtDetail,$txtDetail2,$jIds,$jobType,$country,$city) {
list($day,$month,$year)=split("-",$expiry);
$expiry=$year."-".$month."-".$day;
$qry="Update add_job Set position='$txtPosition',industry_type=$industry,subindustry_type=$subindustry,employement_type='$jobType',location_job=$country,
experience='$ddlExp',education='$ddlEdu',qualifications='$ddlEdu2',chainsaw='$ddlEdu3',salary='$txtSalary',job_expire='$expiry',
job_updated=sysdate(),gender='$ddlGender',description_respon='$txtDetail', description_native='$txtDetail2',city='$city' where jid=$jIds";
mysql_query($qry) or die ("The Job can't be Updated".mysql_error());;
echo "<script language=JavaScript>
window.location='editjobs.php?mes=1&jid=$jIds'
</script>";
}
function totalHitsJobs($jid) {
$qrySelApplied="Select total_hits from add_job where jid=$jid";
$resultSelApplied=mysql_query($qrySelApplied);
$reocordsSelApplied=mysql_fetch_array($resultSelApplied);
$totalApply=$reocordsSelApplied[0] + 1;
$qryUpdate="Update add_job set total_hits=$totalApply where jid=$jid";
mysql_query($qryUpdate) or die ("add_job can't updated ".mysql_error());
}
function activateEmployer($veri) {
$qry="Update employer_information set status=1, updated_date=sysdate() where verify_code='$veri'";
mysql_query($qry) or die ("employer_information can't updated ".mysql_error());
echo "<script language=JavaScript>
window.location='verifyemp.php?mes=1'
</script>";
}
function activateSeeker($veri) {
$qry="Update seeker_personal set status=1, updated_date=sysdate() where verifycode='$veri'";
mysql_query($qry) or die ("employer_information can't updated ".mysql_error());
echo "<script language=JavaScript>
window.location='verifyemp.php?mes=1'
</script>";
}
function unsubcrib($eid) {
$qry="Update employer_information set status=0, updated_date=sysdate() where eid='$eid'";
mysql_query($qry) or die ("employer_information can't updated ".mysql_error());
session_unset("userName");
session_destroy();
echo "<script language=JavaScript>
window.location='../empmess.php?mes=7'
</script>";
}
function unsubcribSeeker($sid) {
$qry="Update seeker_personal set status=0, updated_date=sysdate() where sid='$sid'";
mysql_query($qry) or die ("seeker_personal can't updated ".mysql_error());
session_unset("userName");
session_destroy();
echo "<script language=JavaScript>
window.location='../empmess.php?mes=7'
</script>";
}
}// end of Calss
?>
Could somebody help me.
Some hackers put in my image folder some malicious scripts.
Help
<?php
class employer {
function showEmployer($email) {
$qry="Select * from employer_information where email='$email'";
$result=mysql_query($qry);
$reocrds=mysql_fetch_array($result);
return $reocrds;
}
function showEmployerbyID($eid) {
$qry="Select * from employer_information where eid='$eid'";
$result=mysql_query($qry);
$reocrds=mysql_fetch_array($result);
return $reocrds;
}
function emplyeUpdation($txtCName,$txtDescription,$txtContact,
$country,$txtCity,$txtPostal,$txtAddress,$txtPhone,$mobile,$txtFax,$txtURL,$email) {
$qryUpdate="Update employer_information Set contact_name='$txtContact', company_name='$txtCName', country=$country,city='$txtCity',
postal_zip='$txtPostal', cprofile='$txtDescription', phone='$txtPhone', mobile='$mobile', fax='$txtFax', url='$txtURL', address='$txtAddress',
updated_date=sysdate() where email='$email'";
mysql_query($qryUpdate) or die("Query Could not Exexute Due to ".mysql_error());
return 12;
}
function editLogo($image,$email) {
$uFolder="logos/";
$_FILES['fleLogo']['name']=$image;
echo $type=$_FILES['fleLogo']['type'];
$size=$_FILES['fleLogo']['size'];
$employer=$this->showEmployer($email);
$fileName=$employer[0].$_FILES['fleLogo']['name'];
if($size > 250000 ) {
return 10;
}
if($type!="image/pjpeg" && $type!="image/bmp" && $type!="image/x-png" && $type!="image/gif") {
return 10;
}
else {
$qry="Update employer_information Set logo='$fileName' where email ='$email'";
mysql_query($qry) or die ("Logo can't upload ".mysql_error());
move_uploaded_file($_FILES['fleLogo']['tmp_name'], $uFolder . $fileName);
return 12;
}
}
function changePasword($email,$password,$oldPassword) {
$qryEmail="Select password from employer_information where email = '$email'";
$resultEmail=mysql_query($qryEmail);
$recordsEmail=mysql_fetch_array($resultEmail);
if($recordsEmail['password']==$oldPassword) {
$qry="Update employer_information Set password='$password' where email ='$email'";
mysql_query($qry) or die("Password Could not Changed Due to ".mysql_error());;
$employer=$this->showEmployer($email);
$subject="Euro Golf Jobs Changed Password";
$from="From: Euro Golf Jobs <not_reply@eurogolfjobs.com>";
$body="Your User Name is ".$email."<br><br>Password is ".$employer['password'];
mail($txtEmail,$subject,$body,$from."\r\nContent-type: text/html; charset=us-ascii");
return 12;
}
else
return 10;
}
function addNewJob($industry,$subindustry,$txtPosition,$ddlEdu,$ddlEdu2,$ddlEdu3,$ddlExp,$txtSalary,$country,$ddlGender,$expiry,$txtDetail,$txtDetail2,$eIds,$jobType,$country,$city,$paket,$adverts) {
list($day,$month,$year)=split("-",$expiry);
$expiry=$year."-".$month."-".$day;
$qry="Insert into add_job(eid,position,industry_type,subindustry_type,employement_type,location_job,
experience,education,qualifications,chainsaw,salary,job_posted,job_expire,job_updated,gender,description_respon,description_native,city)
Values($eIds,'$txtPosition',$industry,$subindustry,'$jobType',$country,
'$ddlExp','$ddlEdu','$ddlEdu2','$ddlEdu3','$txtSalary',sysdate(),'$expiry',sysdate(),'$ddlGender','$txtDetail','$txtDetail2','$city')
";
mysql_query($qry) or die ("New job can't be added".mysql_error());
if($adverts > 0) {
$newadverts = $adverts - 1;
if($newadverts < 1) {
$advert_enabled='No';
}
else {
$advert_enabled='Yes';
}
}
$qry="Update employer_information Set advert_enabled='$advert_enabled', number_of_adverts='$newadverts' where eid ='$eIds'";
mysql_query($qry);
echo "<script language=JavaScript>
window.location='addjobs.php?mes=1'
</script>";
}
function showEmolyerJobs($eIds) {
$qry="Select * from add_job where eid=$eIds order by job_posted Asc";
$result=mysql_query($qry);
return $result;
}
function showSlectedJobs($jid) {
$qry="Select * from add_job where jid=$jid";
$result=mysql_query($qry);
$records=mysql_fetch_array($result);
return $records;
}
function deleteJobs($jid) {
$qry="Delete from add_job where jid=$jid";
mysql_query($qry);
echo "<script language=JavaScript>
window.location='index.php?mes=1'
</script>";
}
function activeJobs($jid,$status) {
if($status==1) {
$val=0;
}
else if($status==0) {
$val=1;
}
$qry="Update add_job set status_job=$val where jid=$jid";
mysql_query($qry);
echo "<script language=JavaScript>
window.location='active.php?mes=1'
</script>";
}
function updateJob($industry,$subindustry,$txtPosition,$ddlEdu,$ddlEdu2,$ddlEdu3,$ddlExp,$txtSalary,$country,$ddlGender,$expiry,$txtDetail,$txtDetail2,$jIds,$jobType,$country,$city) {
list($day,$month,$year)=split("-",$expiry);
$expiry=$year."-".$month."-".$day;
$qry="Update add_job Set position='$txtPosition',industry_type=$industry,subindustry_type=$subindustry,employement_type='$jobType',location_job=$country,
experience='$ddlExp',education='$ddlEdu',qualifications='$ddlEdu2',chainsaw='$ddlEdu3',salary='$txtSalary',job_expire='$expiry',
job_updated=sysdate(),gender='$ddlGender',description_respon='$txtDetail', description_native='$txtDetail2',city='$city' where jid=$jIds";
mysql_query($qry) or die ("The Job can't be Updated".mysql_error());;
echo "<script language=JavaScript>
window.location='editjobs.php?mes=1&jid=$jIds'
</script>";
}
function totalHitsJobs($jid) {
$qrySelApplied="Select total_hits from add_job where jid=$jid";
$resultSelApplied=mysql_query($qrySelApplied);
$reocordsSelApplied=mysql_fetch_array($resultSelApplied);
$totalApply=$reocordsSelApplied[0] + 1;
$qryUpdate="Update add_job set total_hits=$totalApply where jid=$jid";
mysql_query($qryUpdate) or die ("add_job can't updated ".mysql_error());
}
function activateEmployer($veri) {
$qry="Update employer_information set status=1, updated_date=sysdate() where verify_code='$veri'";
mysql_query($qry) or die ("employer_information can't updated ".mysql_error());
echo "<script language=JavaScript>
window.location='verifyemp.php?mes=1'
</script>";
}
function activateSeeker($veri) {
$qry="Update seeker_personal set status=1, updated_date=sysdate() where verifycode='$veri'";
mysql_query($qry) or die ("employer_information can't updated ".mysql_error());
echo "<script language=JavaScript>
window.location='verifyemp.php?mes=1'
</script>";
}
function unsubcrib($eid) {
$qry="Update employer_information set status=0, updated_date=sysdate() where eid='$eid'";
mysql_query($qry) or die ("employer_information can't updated ".mysql_error());
session_unset("userName");
session_destroy();
echo "<script language=JavaScript>
window.location='../empmess.php?mes=7'
</script>";
}
function unsubcribSeeker($sid) {
$qry="Update seeker_personal set status=0, updated_date=sysdate() where sid='$sid'";
mysql_query($qry) or die ("seeker_personal can't updated ".mysql_error());
session_unset("userName");
session_destroy();
echo "<script language=JavaScript>
window.location='../empmess.php?mes=7'
</script>";
}
}// end of Calss
?>