Loading ...
Sorry, an error occurred while loading the content.

Re: [php_greek] Apories PHP

Expand Messages
  • nop nop
    1) an katalaba kala xreiazesai thn is_string ... $result = is_string ($string) to $result pernei timi false i true... 2.Gia kanto mas ligo pio liana... An
    Message 1 of 2 , Mar 12, 2004
    • 0 Attachment
      1) an katalaba kala xreiazesai thn is_string ...

      $result = is_string ($string) to $result pernei timi
      false i true...

      2.Gia kanto mas ligo pio liana...
      An katalaba kala rotas gia to pos tha apouikeyseis ena
      password md5 sti basi? an nai tote to kaneis opos kai
      me to select ..
      INSERT INTO <table> (pasword_field) VALUES
      (PASSWORD('$pass'));
      Kai to kaneis select WHERE password_field =
      PASSWORD('$pass')
      Auto pou den katalabaino einai to
      <<$pass=PASSWORD('$pass')>> giati thes na to kaneis
      auto??
      Profanos i $pass einai $_REQUEST kai mallon prepei na
      grapseis to kodika sou :
      $sql="select * from table where
      $pass_field=PASSWORD('$pass')";

      Oso anafora to pedio password prosexe giati logika
      prepei na dexesai idia passwords oxi omos idia
      usernames... se ayth th periptosi to query mporei na
      sou ferei pano apo ena record!!!
      skepsou kapoios na bazei ena password kai na tou leei
      to systima oti yparxei to password idi sti basi!!!
      Automata kserei oti to password auto xrisimopoiitai
      apo kapoion allo xristi. Etsi an kapou kaneis list ta
      usernames tote me ena brute force tropo exeis ena
      eukolo intruder sto systima sou..

      (Auto episis einai kai ena mikro security tip gia
      osoys ftiaxnon authentication-login scripts()

      Takis M.
      Cyborgon Webmaster
      http://www.cyborgon.com


      --- mariapapa@... έγραψε:
      ---------------------------------
      Exw merikes apories.

      1) Poia sinartisi eksetazei an kapoio string einai
      alphanumeric?
      dokimasa if(is_alpha($var)) {blabla()} kai den
      epiase. Sto site (http://www.php.net) leei oti den
      iparxei is_alpha. Any ideas?

      2) Mipws kserei kaneis stin mysql pws prepei na orisw
      mia stili etsi wste na einai dekto o eksis php
      kwdikas?
      $sql="select * from table where
      $pass=PASSWORD('$pass')";
      $res=mysql_query($sql);
      echo("Now executing $sql");


      --
      Ελληνική PHP mailing list



      ---------------------------------
      Yahoo! Groups Links

      To visit your group on the web, go to:
      http://groups.yahoo.com/group/php_greek/

      To unsubscribe from this group, send an email to:
      php_greek-unsubscribe@yahoogroups.com

      Your use of Yahoo! Groups is subject to the Yahoo!
      Terms of Service.


      ____________________________________________________________
      Do You Yahoo!?
      Αποκτήστε τη δωρεάν @... διεύθυνση σας στο http://www.otenet.gr
    Your message has been successfully submitted and would be delivered to recipients shortly.