security - How safe are PHP session variables? -

-

I have a login script that verifies the user name / password against the data in the 'Users' table. Also, I have a 'roles' table that specifies the access level of a given user. Assuming that I am using a secure login script, in order to find the user's authorization level and store it in the session's variable, simply execute an additional query on successful login against the 'roles' table. Is there a security hole? This idea would be that with a mixed authority on any page, I could query session variables to enter the session's user's authentication level.

Thank you.

It is quite safe compared to sessions, say cookies but it is still possible to steal a session And thus the hacker will have total access to whatever is in that session. Some ways to avoid this are checking IP (which works very well, but very little and thus is not reliable on your own) Generally, with a per page, you have " Token ", so that each page checks out that this page does not have this collection that matches.

In either the security check, there is a loss of applicability if you check the IP and the user is behind the intranet firewall (or any other condition due to this), which is stable for that user If they do not keep them, then they will have to re-certify to lose their IP every time. With one luck, you always get to enjoy "Clicking back will cause the breakdown of this page".

But with a cookie, a hacker can steal the session using simple XSS techniques. If you store a user's session ID as a cookie, they are also weak for it. So even if this session is only for someone who knows the server-level hacks (which requires more sophisticated methods and usually requires some additional privileges, if your server is secure) , You still need some extra level on each script request, you should not use cookies and AJAX together, because it completely It's easy to go into the city if it is stolen cookies, because you can not get security checks on every request your Ajax requests. For example, if the page uses a non-page, but the page is never reloaded, the script can only check that match. And if the cookie is getting the authentication method, then I can now go to my evil city using the theft cookie and AJX hole.


Comments

Post a Comment

Popular posts from this blog

c# - ListView onScroll event -

-
I am programming a simple C # application, and I need a Scallow event on the list view. So I inherited the original ListView class created in ListviewEx witch. I found out how to locate the scroll message from WinAPI and I modified the WndProc method. Now I have this WndProc: protected override zero WndProc (Ref message message) {base.WndProc (Ref I); If (m.msg == WM_VSCROLL) {onScroll (This, New EventArgs ()); }} But the problem is, I do not know how to know about scrolling information. This data should be in wParam, but there is a LOWORD macro ++ like in C in C # and I switch to find the criteria like SB_ below, SB_ENDSCROLL, SB_PAGEUP etc. there any way Need to change the LOWORD macro from C #? Or any other way to find the necessary parameters about scrolling? You can define the WParam constants as the following: Private const int WM_HSCROLL = 0x114; Private Constant WM_VSCROLL = 0x115; Private contact int SBHOZZ = 0; Private Consultant SB_VERT = 1; Private Con...
Read more

PHP - get image from byte array -

-
I am trying to create a back-end for my mobile application. I am sending the content of an image in the body of the HTTP request (output stream) as a byte array, I want to read this stream of bytes in PHP scripts and take back an image. Can anyone tell me how can I do this? Thank you. You can obtain the request body $ body = Reading from file_get_contents ('php: // input'); What you do with that data Depending on you, you can write the data in a file as you mentioned that this is image data, you can drop the data into the object can do. Another option is to use and load the image.
Read more

Linux Terminal Problem with Non-Canonical Terminal I/O app -

-
I have a small app written in C to run on Linux. Part of the app accepts user-input from keyboard , And it uses non-canonical terminal mode so that it can respond to each keystroke. The section of the code that accepts input is a simple task that is called repeatedly in the loop: char get_input () {char C = 0; Int res = reading (input_tamille, & amp; c, 1); If (RSS == 0) 0 returns; If (res == -1) {/ * snip error handling * /} return c; } It reads a letter from the terminal if there is no input within a given time limit, (c_cc [VTIME] value in the vocabulary structure), read () 0 And get_input () is called again It all works very well, I have recently discovered that if you run this app in a terminal window, and then the app Close the terminal window without ending, the app will not exit Received, but CPU intensive launches into an infinite loop, where the read () returns 0 without waiting continued. So how can I get out of the apple if it runs from the terminal win...
Read more