Working script w/ text input, examples of how to attack?
Posted: Thu May 08, 2008 3:52 pm
I just posted this working hexadecimal validation PHP script on my blog as an example of how to implement functions, regex, and how to determine if a hexadecimal value is valid or not (based on the regex rules).
It contains text inputs and eventually (in maybe about half a year) I'll be using my own in-house built PHP/MySQL database so I'm interested in learning and applying defenses against various attack methods.
So essentially what sort of funky stuff can I type into the text forms to emulate an attack? How else can an attack occur, if at all, besides undesirable characters in the text forms during post method request(s)? Right now it's not utilizing a MySQL database but it eventually will. It would help to clarify if an attack is targeting the PHP and/or the MySQL for vulnerabilities.
Here is the script I wrote...
Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>PHP Serverside Validation of Hexadecimal post data</title>
<style type="text/css">
body,html {font-family: monospace;}
b {color: #00f;}
b.bad {color: #f00;}
b.good {color: #0f0;}
</style>
</head>
<body>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');?>" method="post">
<fieldset>
<p>This page's <b>GET request</b> will use values that start with <b>#</b>.</p>
<p>To test custom values follow the label directions below to test validation; all default values are valid examples.</p>
<label for="ce1">Use <b class="good">3</b> characters, don't use <b class="bad">#</b>: <input id="ce1" name="ce1" value="abc" /></label>
<br />
<label for="ce2">Use <b class="good">6</b> characters, don't use <b class="bad">#</b>: <input id="ce2" name="ce2" value="abcdef" /></label>
<br />
<label for="ce3">Use <b class="good">3</b> characters, do use <b class="good">#</b>: <input id="ce3" name="ce3" value="#123" /></label>
<br />
<label for="ce4">Use <b class="good">6</b> characters, do use <b class="good">#</b>: <input id="ce4" name="ce4" value="#789456" /></label>
<br style="clear: both;" />
<input style="display: block; width: 60%;" type="submit" value="Validate Hexadecimal Values" />
</fieldset>
</form>
<div>
<?php
// For values that do *not* start with #
$regex_a = '/^[a-f0-9]{3}$/';
$regex_b = '/^[a-f0-9]{6}$/';
// For values that *do* start with #
$regex_c = '/^#[a-f0-9]{3}$/';
$regex_d = '/^#[a-f0-9]{6}$/';
/*
1.) Regular expressions are enclosed in slashes //.
2.) Since they are assigned to variables they are also enclosed in quotes.
3.) ^ == 'Starts with'; $regex_c and $regex_d must start with # to match.
4.) [a-f] == Range, only the letters a,b,c,d,e,f match.
5.) [a-f0-9] == Multiple ranges, a,b,c,d,e,f,0,1,2,3,4,5,6,7,8,9 match.
6.) [a-ce-f0-35-8] == Four ranges (a-c, e-f, 0-3, 5-8), so a,b,c,e,f,0,1,2,3,5,6,7,8 match in this example.
7.) {3} == Exact count, only three characters allowed.
8.) {6} == Exact count of six characters, not 5/less or 7/more.
9.) {3,6} == Between 3 and 6 characters inclusive; 123, 1234, 12345, 987654 match.
10.) {3,} == Three or more characters.
11.) $ == 'Ends with'; here it follows the ranges a-f and 0-9.
Caveats: the patterns are case-sensitive (ABC does not match; add the i modifier to accept upper-case),
and in PCRE $ also matches just before a trailing newline, so "abc\n" passes $regex_a.
Use \z instead of $ (or add the D modifier) if a trailing newline must be rejected.
So $regex_a = '/^[a-f0-9]{3}$/' reads as...
'Exactly 3 characters, each one of a-f0-9.'
So $regex_b = '/^[a-f0-9]{6}$/'; reads as...
'Exactly 6 characters, each one of a-f0-9.'
So $regex_c = '/^#[a-f0-9]{3}$/'; reads as...
'Must start with #, followed by exactly 3 characters from a-f0-9 (4 characters total).'
So $regex_d = '/^#[a-f0-9]{6}$/'; reads as...
'Must start with #, followed by exactly 6 characters from a-f0-9 (7 characters total).'
*/
// Default (valid) sample values; shown on a plain GET (or any other non-POST) request.
$var_a = '123';
$var_b = '123456';
$var_c = '#abc';
$var_d = '#abcdef';
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
// A missing field, or one sent as an array (e.g. ce1[]=x), becomes '' instead of
// raising an undefined-index notice or making preg_match() return false.
$var_a = (isset($_POST['ce1']) && is_string($_POST['ce1'])) ? $_POST['ce1'] : '';
$var_b = (isset($_POST['ce2']) && is_string($_POST['ce2'])) ? $_POST['ce2'] : '';
$var_c = (isset($_POST['ce3']) && is_string($_POST['ce3'])) ? $_POST['ce3'] : '';
$var_d = (isset($_POST['ce4']) && is_string($_POST['ce4'])) ? $_POST['ce4'] : '';
}
function my_function($regex, $var)
{
// The value comes straight from the request, so escape it before echoing it back
// into the page; otherwise <script> typed into a field runs in the browser.
$safe = htmlspecialchars($var, ENT_QUOTES, 'UTF-8');
if (preg_match($regex, $var)) {echo '<b class="good">'.$safe.'</b> is a <b class="good">match</b>!<br />';}
else {echo '<b class="bad">'.$safe.'</b> is <b class="bad">not a match</b>!<br />';}
}
my_function($regex_a,$var_a);
my_function($regex_b,$var_b);
my_function($regex_c,$var_c);
my_function($regex_d,$var_d);
?>
</div>
</body>
</html>
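Added example, not the poster's script: it walks through the three things a reader would try against the form above, using the same hex rules. The posted code echoes `$var` and `$_SERVER['PHP_SELF']` back into the page without escaping, which is where a `<script>` payload typed into a field (or appended to the URL path) would run; its `^...$` anchors accept a value with a trailing newline, because PCRE's `$` matches before a final `\n`; and the MySQL layer that comes later needs parameterised queries rather than string-built SQL. The function names (`validate_hex`, `render_result`, `store_colour`), the `colours` table, and the test inputs are all made up for the demo; it assumes PHP 5.3+ with the `pdo_sqlite` extension so it runs without a MySQL server.

```php
<?php
// Added example, not the poster's script. Assumes PHP 5.3+ with the pdo_sqlite
// extension; the function names and the `colours` table are made up for the demo.

// The posted patterns anchor with ^ and $. In PCRE, $ also matches just before
// a final "\n", so "abc\n" satisfies '/^[a-f0-9]{3}$/'. \A and \z anchor to the
// absolute start and end of the string (the D modifier is the alternative fix).
function validate_hex($value, $digits, $with_hash = false)
{
    if (!is_string($value)) {        // a field sent as ce1[]=x arrives as an array
        return false;
    }
    $pattern = '/\A' . ($with_hash ? '#' : '') . '[a-f0-9]{' . (int) $digits . '}\z/';
    return preg_match($pattern, $value) === 1;
}

// Escape request data before echoing it back into the page. The posted script
// prints $var and $_SERVER['PHP_SELF'] raw, which is where a <script> payload
// typed into a field (or appended to the URL path) would execute.
function render_result($value, $ok)
{
    $safe = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
    return $ok
        ? '<b class="good">' . $safe . '</b> is a <b class="good">match</b>!<br />'
        : '<b class="bad">' . $safe . '</b> is <b class="bad">not a match</b>!<br />';
}

// For the future database: a prepared statement keeps the value out of the SQL
// text, so quotes or comment markers in it cannot change the query. SQLite
// in-memory is used here so the example runs offline; with MySQL only the DSN
// (e.g. 'mysql:host=localhost;dbname=test') and credentials differ.
function store_colour(PDO $db, $value)
{
    $stmt = $db->prepare('INSERT INTO colours (hex) VALUES (:hex)');
    $stmt->execute(array(':hex' => $value));
    return (int) $db->lastInsertId();
}

// Constructed inputs: the valid default plus the kinds of thing an attacker types.
$vectors = array(
    'abc'                           => true,   // valid
    'ABC'                           => false,  // patterns are case-sensitive
    "abc\n"                         => false,  // would pass the original ^...$ pattern
    '<script>alert(1)</script>'     => false,  // reflected-XSS attempt against the echo
    "abc'; DROP TABLE colours; --"  => false,  // SQL-injection attempt against a future query
);
foreach ($vectors as $input => $expected) {
    $result = validate_hex($input, 3);
    printf("%-36s -> %s (%s)\n", json_encode($input), $result ? 'match' : 'no match',
        $result === $expected ? 'as expected' : 'UNEXPECTED');
}
echo validate_hex('#abc', 3, true) ? "#abc accepted with hash\n" : "#abc rejected\n";
echo render_result('<script>alert(1)</script>', false), "\n";

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE colours (id INTEGER PRIMARY KEY, hex TEXT NOT NULL)');
// Validate first, then bind: the prepared statement is defence in depth, not a
// substitute for rejecting input that is not a colour at all.
foreach (array('abc', "abc'; DROP TABLE colours; --") as $input) {
    if (validate_hex($input, 3)) {
        echo 'stored row ', store_colour($db, $input), ' for ', $input, "\n";
    } else {
        echo 'rejected ', json_encode($input), "\n";
    }
}
```

Run it from the command line with `php example.php`. The `<script>` line shows up in the rendered output as `&lt;script&gt;...`, which is what stops it executing in a browser; the `DROP TABLE` string never reaches the database because it fails validation, and even if it did, the placeholder binds it as a plain string value.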