Page Numbers always maxxing out - why?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Page Numbers always maxxing out - why?

Post by Christopher »

Code: Select all

       $pageNum = ((intval($_GET['pagenum']));
simonmlewis wrote:BTW you cannot use this as it errors on the ;.
I count three left parens and only two right parens in that line. Do you have error reporting turned on? Posting the error message would help (or specifically tell you where the problem is).
(#10850)
Eric!
DevNet Resident
Posts: 1146
Joined: Sun Jun 14, 2009 3:13 pm

Re: Page Numbers always maxxing out - why?

Post by Eric! »

The XSS vulnerability I referred to earlier is your line:

Code: Select all

$self=$_SERVER["PHP_SELF"];
Depending on how you use it this is a common vector for hackers to steal user's cookies and hijack accounts. A little better protection is to use the following routine to filter this variable before echoing it's contents:

Code: Select all

$self=htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "utf-8");
simonmlewis
DevNet Master
Posts: 4435
Joined: Wed Oct 08, 2008 3:39 pm
Location: United Kingdom
Contact:

Re: Page Numbers always maxxing out - why?

Post by simonmlewis »

Sorry Eric, You've utterly lost me.
Where does this go, and how does this stop hackers hacking a Cookie??
Love PHP. Love CSS. Love learning new tricks too.
All the best from the United Kingdom.
Eric!
DevNet Resident
Posts: 1146
Joined: Sun Jun 14, 2009 3:13 pm

Re: Page Numbers always maxxing out - why?

Post by Eric! »

For simplicity's sake, look for the line ANYWHERE in your code that uses

Code: Select all

$_SERVER["PHP_SELF"];
Replace it with

Code: Select all

htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "utf-8");
Never trust user input. Always filter it before you echo it, store it, or use it. Just google PHP_SELF and XSS for many examples. The most powerful XSS hack to this variable allows the attacker to steal cookie data from your users. This could lead to hijacked accounts and a host of other problems. They can also inject malware through your site using this exploit as well.
Post Reply