Need to stop users inputting malicious code via user form
Posted: Tue Aug 14, 2007 12:50 pm
Hello. I have a user form that allows you to sign up with a username and password, make a profile and later log in and edit that same profile, all using forms.
Background on me is that I'm learning as I go, trying to bring this site idea I have to life. I'm using forums, tutorials, sample code and kind people to help me do this.
Anyway, someone pointed out to me that my current form allows users to input JavaScript, which poses a security risk seeing as my login system uses sessions.
What that same someone won't tell me is how to fix this, so I'm wondering if anyone here would mind helping me?
Here is the sign-up form. It's 2 pages:
Apologies if I've violated any forum rules with this request and the format of my post, but I think I've behaved correctly.
signup.php
<?php
include "include/z_db.php";// database connection details stored here
?>
<html>
<head>
<title>Sign Up</title>
</head>
<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#800080" alink="#ff0000">
<table border='0' width='50%' cellspacing='0' cellpadding='0' align=center><form name=form1 method=post action=signupck.php onsubmit='return validate(this)'><input type=hidden name=todo value=post>
<tr bgcolor='#f1f1f1'><td align=center colspan=2><font face='Verdana' size='2' ><b>Signup</b></td></tr>
<tr ><td > <font face='Verdana' size='2' >Username:</td><td ><font face='Verdana' size='2'><input type=text name=username></td></tr>
<tr bgcolor='#f1f1f1'><td > <font face='Verdana' size='2' >Password:</td><td ><font face='Verdana' size='2'><input type=password name=password></td></tr>
<tr ><td > <font face='Verdana' size='2' >Re-enter Password:</td><td ><font face='Verdana' size='2'><input type=password name=password2></td></tr>
<tr bgcolor='#f1f1f1'><td ><font face='Verdana' size='2' > Email:</td><td ><input type=text name=email></td></tr>
<tr ><td > <font face='Verdana' size='2' >Band Name:</td><td ><font face='Verdana' size='2'><input type=text name=bandname></td></tr>
<tr ><td > <font face='Verdana' size='2' >Band Bio:</td><td ><font face='Verdana' size='2'><input type=text name=bio></td></tr>
<tr ><td > <font face='Verdana' size='2' >Band Website:</td><td ><font face='Verdana' size='2'><input type=text name=site></td></tr>
<tr ><td > <font face='Verdana' size='2' >URL To Band photo:</td><td ><font face='Verdana' size='2'><input type=text name=image></td></tr>
<tr bgcolor='#f1f1f1'><td align=center colspan=2><input type=submit value=Signup></td></tr>
</form></table>
</body>
</html>

signupck.php
<?php
include "include/z_db.php";// database connection details stored here
// Copies every POST field into a global variable of the same name (the old
// register_globals behaviour): any key a client sends, including ones the
// form never has, becomes a variable in this script.
foreach ($_POST as $key => $val) {
$$key = $val;
}
?>
<!doctype html public "-//w3c//dtd html 3.2//en">
<html>
<head>
<title>Sign Up</title>
</head>
<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#800080" alink="#ff0000">
<?php
if(isset($todo) and $todo=="post"){
$status = "OK";
$msg="";
// if userid is less than 3 char then status is not ok
if(!isset($username) or strlen($username) <3){
$msg=$msg."Username should be =3 or more than 3 char length<BR>";
$status= "NOTOK";}
// $username is placed straight into the SQL string without escaping
if(mysql_num_rows(mysql_query("SELECT username FROM info WHERE username = '$username'"))){
$msg=$msg."Userid already exists. Please try another one<BR>";
$status= "NOTOK";}
if ( strlen($password) < 3 ){
$msg=$msg."Password must be more than 3 char length<BR>";
$status= "NOTOK";}
if ( $password <> $password2 ){
$msg=$msg."Both passwords are not matching<BR>";
$status= "NOTOK";}
if($status<>"OK"){
echo "<font face='Verdana' size='2' color=red>$msg</font><br><input type='button' value='Retry' onClick='history.go(-1)'>";
}else{ // if all validations are passed.
// every field, password included, is interpolated into the SQL unescaped and stored exactly as typed
$query=mysql_query("insert into info(username,password,email,bandname,bio,site,image) values('$username','$password','$email','$bandname','$bio','$site','$image')");
echo "<font face='Verdana' size='2' color=green>Welcome, You have successfully signed up<br><br><a href=login.php>Click here to login</a><br></font>";
}
}
?>
</body>
</html>

Thanks for reading
Liam
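An added example, not code from the post above or from any reply, showing how the checks in signupck.php look once the script reads only the fields it expects, sends user values to MySQL as parameters instead of pasting them into the SQL, hashes the password, and escapes anything it echoes back (the escaping is what stops a stored script from running when a profile is viewed). It assumes include/z_db.php creates a PDO connection in `$db`, which the posted include does not show.

```php
<?php
// Added example, not code from Liam's post: the same signupck.php checks,
// with user input kept out of SQL and escaped on output.
// Assumes include/z_db.php now creates a PDO connection in $db (assumption).
include "include/z_db.php";

// Read only the fields the form sends; never turn every POST key into a variable.
$f = [];
foreach (['username', 'password', 'password2', 'email', 'bandname', 'bio', 'site', 'image'] as $k) {
    $f[$k] = is_string($_POST[$k] ?? null) ? $_POST[$k] : '';
}
// Escape anything echoed into HTML: this is what stops a stored <script>
// from running when the profile page is viewed.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}
$errors = [];
if (!preg_match('/^[A-Za-z0-9_]{3,20}$/', $f['username'])) {
    $errors[] = "Username must be 3-20 letters, digits or underscores";
}
if (strlen($f['password']) < 8) {
    $errors[] = "Password must be at least 8 characters";
}
if ($f['password'] !== $f['password2']) {
    $errors[] = "Both passwords are not matching";
}
// Only http(s) URLs may be stored for the site and photo fields, so a
// javascript: URL can never end up inside an href or src attribute.
foreach (['site', 'image'] as $k) {
    if ($f[$k] !== '' && !preg_match('#^https?://#i', $f[$k])) {
        $errors[] = "$k must start with http:// or https://";
    }
}
// Prepared statement: the username travels as data, not as part of the SQL.
$stmt = $db->prepare("SELECT 1 FROM info WHERE username = ?");
$stmt->execute([$f['username']]);
if ($stmt->fetchColumn()) {
    $errors[] = "Userid already exists. Please try another one";
}
if ($errors) {
    echo "<p style='color:red'>" . implode("<br>", array_map('h', $errors)) . "</p>";
} else {
    $stmt = $db->prepare("INSERT INTO info (username, password, email, bandname, bio, site, image)
                          VALUES (?, ?, ?, ?, ?, ?, ?)");
    $stmt->execute([$f['username'], password_hash($f['password'], PASSWORD_DEFAULT),
                    $f['email'], $f['bandname'], $f['bio'], $f['site'], $f['image']]);
    echo "<p>Welcome, " . h($f['bandname']) . ", you have successfully signed up</p>";
}
```

The same `h()` call belongs around every profile field on the page that displays a profile, and the login check would compare with `password_verify()` rather than against the stored column.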