FUDforum: comp.lang.php » Magic quotes? Should I still be cautious?

Home » Imported messages » comp.lang.php » Magic quotes? Should I still be cautious?

Show: Today's Messages :: Polls :: Message Navigator

Re: Magic quotes? Should I still be cautious? [message #176512 is a reply to message #176509]

Sun, 08 January 2012 20:59

Jerry Stuckle
Messages: 2598
Registered: September 2010

Karma:

Senior Member

On 1/8/2012 2:52 PM, Arno Welzel wrote:
> Jerry Stuckle, 2012-01-07 00:12:
>
> [...]
>> I didn't say you didn't need to validate the parameter. But limiting
>> values to the proper operation makes it harder for hackers to break in.
>>
>> It DOES matter where it came from - and data coming in from the wrong
>> variable can get their IP blocked from the site. There is no use making
>> it easy for them.
>
> So you also check, if a parameter is *not* passed as GET if you expect
> it as POST? Because otherwise this "security check" would not make any
> sense.
>
>
>

Where security is important, yes. And if I see suspicious activity I
block the IP. But more often than not, they try to pass POST data in a
GET request (because it's so easy). It's quite easy to ensure that data
which should only be passed in a POST request isn't coming in the GET
request.

But even more importantly, I ensure that data coming from a POST request
is ONLY coming via $_POST - and not a mixture of $_GET and $_POST. It's
another trick hackers will do.

I do other things also, but don't want to get into too much detail in a
public forum.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================

Report message to a moderator

[Message index]

		Magic quotes? Should I still be cautious? By: Michael Joel on Thu, 29 December 2011 20:55
		Re: Magic quotes? Should I still be cautious? By: Michael Fesser on Thu, 29 December 2011 21:04
		Re: Magic quotes? Should I still be cautious? By: Michael Joel on Thu, 29 December 2011 21:53
		Re: Magic quotes? Should I still be cautious? By: Michael Joel on Thu, 29 December 2011 22:08
		Re: Magic quotes? Should I still be cautious? By: Thomas Mlynarczyk on Thu, 29 December 2011 22:22
		Re: Magic quotes? Should I still be cautious? By: Peter H. Coffin on Thu, 29 December 2011 23:53
		Re: Magic quotes? Should I still be cautious? By: Michael Joel on Fri, 30 December 2011 04:32
		Re: Magic quotes? Should I still be cautious? By: Erwin Moller on Fri, 30 December 2011 11:38
		Re: Magic quotes? Should I still be cautious? By: Michael Joel on Fri, 30 December 2011 14:52
		Re: Magic quotes? Should I still be cautious? By: Erwin Moller on Mon, 02 January 2012 14:02
		Re: Magic quotes? Should I still be cautious? By: Michael Fesser on Fri, 30 December 2011 12:18
		Re: Magic quotes? Should I still be cautious? By: alvaro.NOSPAMTHANX on Fri, 30 December 2011 09:26
		Re: Magic quotes? Should I still be cautious? By: Erwin Moller on Fri, 30 December 2011 13:42
		Re: Magic quotes? Should I still be cautious? By: Michael Joel on Fri, 30 December 2011 14:52
		Re: Magic quotes? Should I still be cautious? By: Arno Welzel on Wed, 04 January 2012 14:55
		Re: Magic quotes? Should I still be cautious? By: Erwin Moller on Thu, 05 January 2012 13:08
		Re: Magic quotes? Should I still be cautious? By: Arno Welzel on Thu, 05 January 2012 13:22
		Re: Magic quotes? Should I still be cautious? By: The Natural Philosoph on Thu, 05 January 2012 13:36
		Re: Magic quotes? Should I still be cautious? By: Erwin Moller on Thu, 05 January 2012 14:20
		Re: Magic quotes? Should I still be cautious? By: The Natural Philosoph on Thu, 05 January 2012 15:49
		Re: Magic quotes? Should I still be cautious? By: Erwin Moller on Thu, 05 January 2012 13:39
		Re: Magic quotes? Should I still be cautious? By: M. Strobel on Thu, 05 January 2012 23:28
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Fri, 06 January 2012 00:36
		Re: Magic quotes? Should I still be cautious? By: Erwin Moller on Fri, 06 January 2012 10:16
		Re: Magic quotes? Should I still be cautious? By: Thomas Mlynarczyk on Fri, 06 January 2012 11:05
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Fri, 06 January 2012 13:32
		Re: Magic quotes? Should I still be cautious? By: M. Strobel on Fri, 06 January 2012 17:18
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Fri, 06 January 2012 18:04
		Re: Magic quotes? Should I still be cautious? By: Arno Welzel on Sun, 08 January 2012 19:48
		Re: Magic quotes? Should I still be cautious? By: Thomas Mlynarczyk on Fri, 06 January 2012 19:14
		Re: Magic quotes? Should I still be cautious? By: M. Strobel on Fri, 06 January 2012 19:24
		Re: Magic quotes? Should I still be cautious? By: The Natural Philosoph on Fri, 06 January 2012 19:34
		Re: Magic quotes? Should I still be cautious? By: M. Strobel on Fri, 06 January 2012 20:11
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Fri, 06 January 2012 23:12
		Re: Magic quotes? Should I still be cautious? By: Thomas Mlynarczyk on Sat, 07 January 2012 16:59
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Sat, 07 January 2012 20:54
		Re: Magic quotes? Should I still be cautious? By: Thomas Mlynarczyk on Sun, 08 January 2012 01:13
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Sun, 08 January 2012 01:33
		Re: Magic quotes? Should I still be cautious? By: Thomas Mlynarczyk on Sun, 08 January 2012 23:21
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Mon, 09 January 2012 00:05
		Re: Magic quotes? Should I still be cautious? By: Arno Welzel on Sun, 08 January 2012 19:52
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Sun, 08 January 2012 20:59
		Re: Magic quotes? Should I still be cautious? By: Arno Welzel on Wed, 11 January 2012 10:00
		Re: Magic quotes? Should I still be cautious? By: The Natural Philosoph on Wed, 11 January 2012 11:53
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Wed, 11 January 2012 13:45
		Re: Magic quotes? Should I still be cautious? By: Arno Welzel on Wed, 11 January 2012 14:43
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Wed, 11 January 2012 13:44
		Re: Magic quotes? Should I still be cautious? By: Arno Welzel on Wed, 11 January 2012 14:47
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Wed, 11 January 2012 14:51
		Re: Magic quotes? Should I still be cautious? By: Arno Welzel on Wed, 11 January 2012 17:09
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Wed, 11 January 2012 19:01
		Re: Magic quotes? Should I still be cautious? By: Arno Welzel on Thu, 12 January 2012 07:58
		Re: Magic quotes? Should I still be cautious? By: M. Strobel on Fri, 06 January 2012 16:41
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Fri, 06 January 2012 18:05
		Re: Magic quotes? Should I still be cautious? By: Erwin Moller on Fri, 06 January 2012 10:07
		Re: Magic quotes? Should I still be cautious? By: M. Strobel on Fri, 06 January 2012 17:05
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Fri, 06 January 2012 18:07
		Re: Magic quotes? Should I still be cautious? By: M. Strobel on Fri, 06 January 2012 18:45
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Fri, 06 January 2012 23:09
		Re: Magic quotes? Should I still be cautious? By: Thomas Mlynarczyk on Sat, 07 January 2012 17:08
		Re: Magic quotes? Should I still be cautious? By: Jerry Stuckle on Sat, 07 January 2012 20:59

Previous Topic:	Lilupophilupop
Next Topic:	[WSP] CALL FOR PAPERS [FREE]

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Fri Nov 22 13:54:19 GMT 2024

Total time taken to generate the page: 0.03296 seconds