Re: Page Numbers always maxxing out - why?
Posted: Thu Nov 07, 2013 10:41 pm
by Christopher
$pageNum = ((intval($_GET['pagenum']));
simonmlewis wrote: BTW you cannot use this as it errors on the ;.
I count three left parens and only two right parens in that line. Do you have error reporting turned on? Posting the error message would help (or specifically tell you where the problem is).
Re: Page Numbers always maxxing out - why?
Posted: Fri Nov 08, 2013 3:05 pm
by Eric!
The XSS vulnerability I referred to earlier is your line:
Depending on how you use it, this is a common vector for hackers to steal users' cookies and hijack accounts. A little better protection is to use the following routine to filter this variable before echoing its contents:
$self=htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "utf-8");
Re: Page Numbers always maxxing out - why?
Posted: Tue Nov 12, 2013 3:11 am
by simonmlewis
Sorry Eric, You've utterly lost me.
Where does this go, and how does this stop hackers hacking a Cookie??
Re: Page Numbers always maxxing out - why?
Posted: Tue Nov 12, 2013 6:07 pm
by Eric!
For simplicity's sake, look for the line
ANYWHERE in your code that uses
Replace it with
htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "utf-8");
Never trust user input. Always filter it before you echo it, store it, or use it. Just google PHP_SELF and XSS for many examples. The most powerful XSS hack to this variable allows the attacker to steal cookie data from your users. This could lead to hijacked accounts and a host of other problems. They can also inject malware through your site using this exploit.
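To make the two points in this thread concrete, here is an added example (not code from any of the posters): Eric's htmlspecialchars() fix wrapped in a small function next to the unescaped form, and the intval() page-number read from Christopher's post with a clamp so it cannot run past the last page. The function names, the clamping, and the sample PHP_SELF value are assumptions made for the example.

```php
<?php
// Added example, not from the thread. $_SERVER["PHP_SELF"] is built from
// the request path, so its contents are under the visitor's control and
// must be escaped before they are echoed into HTML.

declare(strict_types=1);

// Escape a request-derived string for use inside an HTML attribute
// (this is the call Eric! recommends, wrapped in a helper).
function safeSelf(string $phpSelf): string
{
    return htmlspecialchars($phpSelf, ENT_QUOTES, "utf-8");
}

// Read the page number from the query string and clamp it to 1..$maxPage.
// The helper name and the clamp are assumptions; the thread only shows intval().
function pageNumber(array $query, int $maxPage): int
{
    $page = isset($query['pagenum']) ? intval($query['pagenum']) : 1;
    return max(1, min($page, $maxPage));
}

// Constructed sample value (no real request): extra path info after the
// script name is kept in PHP_SELF, and a quote character in it would end
// the attribute early.
$sampleSelf = '/index.php/"><em>injected</em>';

// Unescaped: the quote closes the action attribute and the markup is rendered.
$vulnerable = '<form action="' . $sampleSelf . '">';

// Escaped: the quote and angle brackets become HTML entities and stay text.
$hardened = '<form action="' . safeSelf($sampleSelf) . '">';

echo $vulnerable, PHP_EOL;
echo $hardened, PHP_EOL;

// Page-number handling: oversized, non-numeric, or missing values are
// all clamped into range instead of being passed through as given.
var_dump(pageNumber(['pagenum' => '999'], 7));
var_dump(pageNumber(['pagenum' => 'abc'], 7));
var_dump(pageNumber([], 7));
```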