FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Validate Radio Buttons?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Validate Radio Buttons? [message #182386 is a reply to message #182383] Fri, 02 August 2013 01:25 Go to previous messageGo to previous message
Christoph Michael Bec is currently offline  Christoph Michael Bec
Messages: 207
Registered: June 2013
Karma:
Senior Member
Jerry Stuckle wrote:

> On 8/1/2013 5:16 PM, Twayne wrote:
>> On 2013-07-31 3:07 PM, Jerry Stuckle wrote:
>>> On 7/31/2013 2:20 PM, Twayne wrote:
>>>> Hi all,
>>>>
>>>> I was wondering what the general consensus might be on this:
>>>>
>>>> Should one Validate Radio Buttons for an online website contact form?
>>>>
>> ...
>>
>>>
>>> Good practice means you ALWAYS validate ALL information from the user.
>>> You may have a radio button on your form - but there is no guarantee the
>>> request comes on from your form.
>>>
>>> I can easily build a page which has invalid information and submit it to
>>> your site. Or even use tools like cURL to feed your site invalid
>>> information.
>>>
>>
>> Care to share the "how" of doing that, or better yet some code? This
>> particular form isn't "live" yet or I'd put it somewhere and let you at
>> it if I didn't have orders to the contrary from on-high :)
>> I've done my best but it's obviously not enough or my questions
>> wouldn't exist.

To better understand potential exploits, you may start with RFC 2616,
the specification of HTTP/1.1[1]. Then you may go along doing some
simple telnet sessions, e.g.

$ telnet example.com 80
Trying 93.184.216.119...
Connected to example.com.
Escape character is '^]'.
GET / HTTP/1.1
Host: example.com

HTTP/1.1 200 OK
[...]

You may augment your understanding of the HTTP protocol by inspecting
the HTTP headers that are actually sent and received by a browser (for
instance, Firefox has Tools->Live HTTP headers). You may reconstruct
some requests done from the browser with telnet, where you may change
some of the header fields, watching the results. A trivial example:
create a file test.php and put it in the web root of your localhost:

<?php

echo $_SERVER['HTTP_HOST'];

Then do:

$ telnet localhost 80
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
GET /test.php HTTP/1.1
Host: surprise

HTTP/1.1 200 OK
Date: Fri, 02 Aug 2013 01:13:23 GMT
Server: Apache/2.4.3 (Win32) OpenSSL/1.0.1c PHP/5.4.7
X-Powered-By: PHP/5.4.7
Content-Length: 8
Content-Type: text/html

surprise

Finally you may simplify and automate such requests by using cURL[2] or
the PHP cURL extension[3], for example.

> No problem at all. I just build a page on my site (or locally if I have
> a web server installed) and have the form's action= point at the script
> on your site. I can place anything I want on the page and it will be
> sent to your script.
>
> There is nothing which requires input to your site to come from a form
> on your site. It can come from anywhere - something hackers use to
> their advantage.

As Twayne is checking the referrer, you'd have to spoof that too. Of
course that is no big deal either, but it should be noted.

[1] <http://tools.ietf.org/html/rfc2616>
[2] <http://curl.haxx.se/>
[3] <http://php.net/manual/en/book.curl.php>

--
Christoph M. Becker
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: sql order but move some rows bottom
Next Topic: OPcache in php5.5.1 on Windows
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sun Dec 01 06:03:43 GMT 2024

Total time taken to generate the page: 0.04084 seconds