Page 1 of 1

pagination security problems

Posted: Fri Aug 24, 2007 4:39 am
by kkonline
Below is an extract of my pagination script
If ?page=123 then page=123 then it's ok
But when i write ?page=<---something else---> It should print invalid query
but just gives me a blank page.


what should i do so that only a number is valid; to prevent the security attacks
and if ?page=34.365 then also it should be invalid.

Code: Select all

if(!isset($_GET['page'])){
    $page = 1;
}
 else {
	if(is_numeric($_GET['page']))
	{
     $page=trim(mysql_real_escape_string($_GET['page']));
	}
	else
	{
	echo "invalid query";
		exit;
	}
	    	
}

Posted: Fri Aug 24, 2007 4:55 am
by mikesmith76
using ctype_digit instead of is_numeric should stop your ?page=34.365 problem

Posted: Fri Aug 24, 2007 4:58 am
by Defkon1

Code: Select all

<?php
is_numeric(34.365); // always  true
is_numeric('34.365'); //always  true
?>
try to use intval() (to convert it to int) or ctype_digit() instead of is_numeric().

Posted: Fri Aug 24, 2007 6:42 am
by matthijs
You could also cast it to an integer by

Code: Select all

$page = (int)$_GET['page'];
or use a whitelist approach

Code: Select all

$pages = array(1,2,3,4,5); 
if (isset($_GET['page']) && in_array($_GET['page'],$pages)) {
  // requested page valid
} else {
  // invalid
}