Tell a Friend
Posted by
Danduanilkumar
on Monday, August 31, 2009
/
Comments: (0)
http://secure.socialtwist.com/signup?fw
http://tellafriend.socialtwist.com/?fh
The sites above are useful to place on your own site so that visitors can refer a friend (tell a friend) by choosing an account such as Gmail, Yahoo, etc.
diff between mysql_escape_string and mysql_real_escape_string
Posted by
Danduanilkumar
Labels:
mysql_escape_string,
mysql_real_escape_string
/
Comments: (0)
<?php
$item = "Zak's Laptop";
// mysql_real_escape_string() needs an open connection, so open one first
// (the mysql extension used here was removed in PHP 7; mysqli or PDO replace it)
$a = mysql_connect('localhost', 'root', '');
//$escaped_item = mysql_escape_string($item);
$escaped_item = mysql_real_escape_string($item);
echo $escaped_item;
?>
output : Zak\'s Laptop
In the code above we open a server connection first, because mysql_real_escape_string() needs one. If you do not open the connection, i.e.
$a=mysql_connect('localhost','root','');
you get warnings like the ones below:
Warning: mysql_real_escape_string(): Access denied for user 'ODBC'@'localhost' (using password: NO) in c:\program files\easyphp1-8\www\currentworking\bikes_adda\mysql.php on line 5
Warning: mysql_real_escape_string(): A link to the server could not be established in c:\program files\easyphp1-8\www\currentworking\bikes_adda\mysql.php on line 5
So open the server connection before calling mysql_real_escape_string(). With mysql_escape_string() no server connection is needed; just use the code as normal:
<?php
$item = "Zak's Laptop";
// no connection required: mysql_escape_string() ignores the connection character set
$escaped_item = mysql_escape_string($item);
echo $escaped_item;
?>
output : Zak\'s Laptop
Note: mysql_escape_string() does not escape % and _.
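Since neither function escapes % and _, a search term dropped into a LIKE clause can match every row. The helper below is an added example, not code from the post; the mysqli connection $link and the bikes table are assumptions for illustration (PHP 7+).

```php
<?php
// Added example, not from the post. Neither escaping function touches % and _, so
// a search term such as "%" in a LIKE clause matches every row. escape_like() makes
// the wildcards (and the backslash, MySQL's default LIKE escape character) literal;
// apply it before the connection-aware escaping, or bind the result as a parameter.
function escape_like(string $term): string
{
    // Order matters: double existing backslashes first, then protect the wildcards.
    return str_replace(['\\', '%', '_'], ['\\\\', '\\%', '\\_'], $term);
}

// "Starts with" pattern built from user input; only our trailing % is a wildcard.
function like_prefix_pattern(string $term): string
{
    return escape_like($term) . '%';
}

// How it composes with a live connection. $link (from mysqli_connect()) and the
// hypothetical bikes table are assumptions for illustration.
function find_bikes_by_prefix(mysqli $link, string $term): array
{
    $pattern = like_prefix_pattern($term);
    // Bound as a value, the pattern needs no real_escape_string() and LIKE still
    // sees \% and \_ as literal characters. If you build the SQL as a string
    // instead, escape the pattern with mysqli_real_escape_string($link, $pattern):
    // the doubled backslashes are undone by the SQL parser and LIKE reads \% again.
    $stmt = $link->prepare('SELECT name FROM bikes WHERE name LIKE ?');
    $stmt->bind_param('s', $pattern);
    $stmt->execute();
    $stmt->bind_result($name);
    $names = [];
    while ($stmt->fetch()) {
        $names[] = $name;
    }
    return $names;
}
```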
mysql_real_escape_string
Posted by
Danduanilkumar
on Sunday, August 30, 2009
Labels:
mysql,
mysql_real_escape_string,
php,
sql injection
/
Comments: (0)
mysql_real_escape_string
(PHP 4 >= 4.3.0, PHP 5)
mysql_real_escape_string -- Escapes special characters in a string for use in a SQL statement
Description
string mysql_real_escape_string ( string unescaped_string [, resource link_identifier] )
Escapes special characters in the unescaped_string, taking into account the current character set of the connection so that it is safe to place it in a mysql_query(). If binary data is to be inserted, this function must be used.
mysql_real_escape_string() calls MySQL's library function mysql_real_escape_string, which prepends backslashes to the following characters: \x00, \n, \r, \, ', " and \x1a.
This function must always (with few exceptions) be used to make data safe before sending a query to MySQL.
Parameters
- unescaped_string
- The string that is to be escaped.
- link_identifier
- The MySQL connection. If the link identifier is not specified, the last link opened by mysql_connect() is assumed. If no such link is found, it will try to create one as if mysql_connect() was called with no arguments. If by chance no connection is found or established, an E_WARNING level warning is generated.
Examples
Example 2. An example SQL Injection Attack
Example 3. A "Best Practice" query
Using mysql_real_escape_string() around each variable prevents SQL Injection. This example demonstrates the "best practice" method for querying a database, independent of the Magic Quotes setting.
Notes
Note: A MySQL connection is required before using mysql_real_escape_string() otherwise an error of level E_WARNING is generated, and FALSE is returned. If link_identifier isn't defined, the last MySQL connection is used.
Note: If magic_quotes_gpc is enabled, first apply stripslashes() to the data. Using this function on data which has already been escaped will escape the data twice.
Note: If this function is not used to escape data, the query is vulnerable to SQL Injection Attacks.
Note: mysql_real_escape_string() does not escape % and _. These are wildcards in MySQL if combined with LIKE, GRANT, or REVOKE.
Session Hijacking
Posted by
Danduanilkumar
on Saturday, August 29, 2009
/
Comments: (0)
Sessions are the PHP developer’s most common tool, since we constantly need to carry data from step to step. An average programmer would say that using sessions is far more secure than, let’s say, cookies, since session data is server-side data; that is only partially correct.
The fact that the attacker can’t see what you store and where works to your advantage, but a more dedicated attacker can go further than this presumption.
A must-have for the attacker in a session hijack is the session identifier, so that he can impersonate the user. Let’s presume, for example, that your website is hosted on shared hosting where PHP is installed as an Apache module, which makes the session files belong to the web user, in other words: accessible.
Some more elaborate attacks can be categorised as follows:
* Prediction
* Capture
* Fixation
Prediction refers to guessing a session identifier; this approach is rather irrelevant, since the native PHP session identifier is far too random to be analysed at a glance and the next one predicted, so the attacker’s focus is not usually here.
Capture, on the other hand, is the session hijacker’s favourite, since it is rather versatile. Given that the session id is propagated by numerous means, such as HTTP headers, cookies, e-mail headers and so on, accessing it couldn’t be too hard for the attacker, could it?
The worst of it is that each of these ways of propagating the session id can be a door for attackers, so which one is best for us? Well, on a small scale, cookies are a bit less exposed than $_GET data, for example, so if cookies are enabled you can work with them, as browsers are, generally speaking, secure; there were just a few misbehaviours in Internet Explorer.
Fixation is not a very complex method, but if you rely for your session security on a mere session_start() you are in trouble. Since you only work with the default session identifier, reproducing a common user’s HTTP header isn’t that difficult, so how do we deal with this?
Let’s base an example on a simple HTTP Header such as:
GET / HTTP/1.1
Host: example.org
User-Agent: Mozilla/5.0
Accept: text/xml, image/png, image/jpeg, image/gif, */*
Cookie: PHPSESSID=1234
So we have the HTTP header in its simplest form, yet we have some data to work with. Suppose, for example, that seconds after you receive this you get another request with the same session id from a different user agent.
As an educated developer one must assume the worst case: this might come from an attacker rather than from a user with two browsers. A common practice in this case is to ask for the user’s credentials again, which imposes no burden on the user but disarms the attacker at this stage.
An easy approach would be to generate an MD5 of the user agent, but then again MD5 strings are quite easy to recognise, so why not use a more elaborate approach and bind a passkey into the hash?
<?php
// bind a secret passkey into the hash so a plain md5(user agent) cannot be recognised
$token = $_SERVER['HTTP_USER_AGENT'];
$token .= 'ABRACADABRA';
$securetoken = md5($token);
This approach can help you prevent some of the attacks but not all of them as you can imagine.
Another best practice for preventing session hijacking is calling session_regenerate_id() once the user logs in, so that if his session identifier has been ’sniffed’ somewhere along the way the chase ends there and the attacker has to start all over again.
So now we know how this works and some best practices, but how can we make it foolproof?
Unfortunately, I do not have a 100% answer, but I have some answers that will make your application safe against most attacks.
Secure practices
- Do not trust users. Common users are not security-educated, so they can easily fall for CSRF attacks, and as long as the user is a victim, so are you. If you have any doubt whatsoever about a user’s action, do not hesitate to ask for credentials. He won’t mind as long as you tell him it is for his own protection.
- If on shared hosting, make use of session_save_path(). This lets you set a new path for your session data storage, a more secure one than the default. Make sure the folder you store the data in is secured, and use your .htaccess file to limit access to it.
- Wondered why there are both $_COOKIE and $_SESSION? Cookies have a different purpose than storing session data, so why not leave it that way? XSS is quite common, so your cookies are not safe.
- Do not pass your session identifier in URLs. By now you should be aware that the session identifier is the attacker’s must-have and that your main task is to keep it well hidden, so why serve it to the attacker? As you can imagine, this goes for $_GET as well.
- If sceptical about the whole HTTP-headers issue, use a security token at all times. If nothing in the world could persuade you to filter every incoming message, then the least you can do is use a security token at all times. A light example of such a token could be:
$token = md5(uniqid(rand(), true));
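The post’s two recommendations, binding the session to the user agent and regenerating the id on login, combined into one guard. This is an added example, not code from the post; it assumes PHP 7+, a secret SESSION_KEY you generate once, and hash_hmac() plus random_bytes() in place of the post’s md5() and uniqid(rand()).

```php
<?php
// Added example, not from the post: the User-Agent binding and the
// session_regenerate_id() advice as one guard. Assumptions: SESSION_KEY is generated
// once and kept outside the web root; hash_hmac() replaces md5($ua . 'ABRACADABRA')
// so the secret is a real key rather than a suffix; $_SESSION and $_SERVER are passed
// in as arrays so the functions can be exercised from the command line.
const SESSION_KEY = 'replace-with-a-long-random-secret';

function client_fingerprint(array $server): string
{
    return hash_hmac('sha256', $server['HTTP_USER_AGENT'] ?? '', SESSION_KEY);
}

// Call right after session_start() on every request. Returns false when the same
// session id arrives from a different client; the session is then emptied so the
// user has to log in again, which is what the post recommends.
function enforce_fingerprint(array &$session, array $server): bool
{
    $now = client_fingerprint($server);
    if (!isset($session['fingerprint'])) {
        $session['fingerprint'] = $now;      // first request of a fresh session
        return true;
    }
    if (hash_equals($session['fingerprint'], $now)) {
        return true;
    }
    $session = [];                           // same id, different browser: drop it
    return false;
}

// Call once the credentials have been verified.
function on_login(array &$session, string $userId, array $server): void
{
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);         // a sniffed pre-login id is now useless
    }
    $session['user_id']     = $userId;
    $session['fingerprint'] = client_fingerprint($server);
    $session['token']       = bin2hex(random_bytes(32)); // CSPRNG, not uniqid(rand())
}

// Constructed walk-through: the request from the post, then the same session id
// presented by another client. The second check fails and empties $session, so a
// captured identifier no longer grants access to alice's session.
$session = [];
$browser = ['HTTP_USER_AGENT' => 'Mozilla/5.0'];
enforce_fingerprint($session, $browser);
on_login($session, 'alice', $browser);
$other = ['HTTP_USER_AGENT' => 'Mozilla/5.0 (another client)'];
$stillValid = enforce_fingerprint($session, $other);
```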
sql injection in php mysql
Posted by
Danduanilkumar
Labels:
mysql,
php,
php sql injection,
sql injection,
sql injection in php mysql
/
Comments: (0)
Nowadays we create dynamic websites using PHP and MySQL, because of the low cost and better safety.
Every dynamic website has a login page, and here we have a small problem: people who have programming knowledge can play some tricks in order to log in to your account.
I am going to explain with an example.
If the query in the backend is like the following, i.e.
$qw="select * from tbl_admin where user_name=$_POST[username] and upassword=$_POST[password]";
select * from tbl_admin where user_name="" or "1"="1" and upassword="" or "1"="1"
username : "" or "1"="1"
password : "" or "1"="1"
-----------------------------------------------------------------------------------
$qw="select * from tbl_admin where user_name='$_POST[username]' and upassword='$_POST[password]'";
select * from tbl_admin where user_name=' ' or "1"='1' and upassword=' ' or "1"='1'
username : ' or "1"='1
password : ' or "1"='1
-------------------------------------------------------------------------------------------------------------------------------------------------------------
$qw='select * from tbl_admin where user_name="'.$_POST[username].'" and upassword="'.$_POST[password].'"';
select * from tbl_admin where user_name="" OR ""="" and upassword="" OR ""=""
username : " OR ""="
password : " OR ""="
select * from tbl_admin where user_name="" or "1"="1" and upassword="" or "1"="1"
username : " or "1"="1
password : " or "1"="1
------------------------------------------------------------------------------------------
In order to avoid these we write the query in the proper fashion...
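The post’s quoted-string login query beside the escaped form the manual’s Example 3 describes and a prepared statement, exercised with the post’s payload. This is an added example, not code from the post; it runs against a constructed in-memory SQLite table through PDO (assumes PHP 7+ with pdo_sqlite), with PDO::quote() standing in for mysql_real_escape_string() plus quotes around each variable.

```php
<?php
// Added example, not from the post. Constructed in-memory table so no MySQL server
// is needed; PDO::quote() plays the role of mysql_real_escape_string() plus quotes.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tbl_admin (user_name TEXT, upassword TEXT)');
$db->exec("INSERT INTO tbl_admin VALUES ('admin', 'correct-horse')");

// Vulnerable: the second form from the post, values dropped inside the quotes.
function login_concat(PDO $db, string $username, string $password): int
{
    $qw = "select * from tbl_admin where user_name='$username' and upassword='$password'";
    return count($db->query($qw)->fetchAll(PDO::FETCH_ASSOC));
}

// Escaped: quotes inside the input are doubled, so the input stays one literal.
function login_quoted(PDO $db, string $username, string $password): int
{
    $qw = 'select * from tbl_admin where user_name=' . $db->quote($username)
        . ' and upassword=' . $db->quote($password);
    return count($db->query($qw)->fetchAll(PDO::FETCH_ASSOC));
}

// Parameterised: the input is never parsed as SQL at all; prefer this form.
function login_prepared(PDO $db, string $username, string $password): int
{
    $stmt = $db->prepare('select * from tbl_admin where user_name=? and upassword=?');
    $stmt->execute([$username, $password]);
    return count($stmt->fetchAll(PDO::FETCH_ASSOC));
}

// The post's payload written with single quotes. In login_concat() the query
// becomes ... user_name='' or '1'='1' and upassword='' or '1'='1', and because AND
// binds tighter than OR the trailing '1'='1' makes it true for every row. The other
// two functions compare the whole payload as an ordinary (wrong) user name/password.
$payload = "' or '1'='1";
printf("concat   %d row(s)\n", login_concat($db, $payload, $payload));
printf("quoted   %d row(s)\n", login_quoted($db, $payload, $payload));
printf("prepared %d row(s)\n", login_prepared($db, $payload, $payload));
printf("genuine  %d row(s)\n", login_prepared($db, 'admin', 'correct-horse'));
```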
file convertion sites
Posted by
Danduanilkumar
on Monday, August 24, 2009
Labels:
doc to docx,
file convertion,
file convertion sites
/
Comments: (0)
I found two good sites to convert from one file format to another...
http://www.convertfiles.com/
http://www.zamzar.com/
Magadheera Movie Review
Posted by
Danduanilkumar
on Sunday, August 23, 2009
Labels:
2009 magadheera,
chiru,
kazal,
latest review on magadheera,
magadheera,
megastar,
movie review,
rajamouli,
reviews,
sensation
/
Comments: (0)
Magadheera: the name itself spells sensation, and now it proves it on screen, and it's still going........
It is a movie no Telugu audience ever expected, even in their dreams; now the movie
stands equal with Hollywood... that is the stamina of Magadheera.
Hero : Ram Charan ( son of Mega Star...! ); another name for Ram Charan is the Andhra Brad Pitt
Heroine : Kazal ( angel with a smile )
Director : RajaMouli ( another word for sensation )
world's highest website
Posted by
Danduanilkumar
on Thursday, August 20, 2009
/
Comments: (0)
Today while surfing the internet I found a very different website: the world's highest website, in terms of height, since the index page of that site is 18.9 km tall. Just go through it and think for yourself how far web technology has improved..
http://worlds-highest-website.com/
Common Symbols
Posted by
Danduanilkumar
on Wednesday, August 19, 2009
The following are the common symbols you can find in chat sessions most of the time;
people who don't know them can learn them here.....
- ! – Comment
- ? – Question
- 121 – One To One
- 143 – I Love You
- 182 – I Hate You
- 2moro – Tomorrow
- 2nyt – Tonight
- 2U2 – To You Too
- 404 – Don’t Have A Clue
- 411 – Information
- 4Q – F*** You
- <3>
- A3 – Anytime/Anyplace/Anywhere
Chat shortcuts & abbrevations
Posted by
Danduanilkumar
Labels:
abbrevations,
asap means,
chat,
chat codes,
chat shortcuts
/
Comments: (0)
Searching for chat shortcuts? Here you have them, guys, with more to come....
- AFAIK – As Far As I Know
- AFK – Away From Keyboard
- ASAP – As Soon As Possible
- ASL – Age/Sex/Location
- ASO – Ass Hole
- BBL – Be Back Later
- BBS – Be Back Soon
- BBYE – Buh Bye
- B4 – Before
- BF – Boy Friend
- BRB – Be Right Back
- BTW – By The Way
- BWL – Bursting With Laughter
- C&G – Chuckle & Grin
- COS/COZ – Because
- CNP – Continued (in my) Next Post
- CYC – Check Your Chat
- CYA – See You
- CYAL8R – See You Later
- DLTBBB – Don’t Let The Bed Bugs Bite
- D – The
- FYI – For Your Information
- FAQ – Frequently Asked Questions
- FYN – Fine
- GAL – Girl
- GF – Girl Friend
- GM – Good Morning
- GN – Good Night
- GFN – Gone For Now
- IC – I See
- IGP – I Gotta Pee
- IOW – In Other Words
- JK – Just Kidding
- KK – Ok
- LOL – Laughing Out Loud
- LTNS – Long Time No See
- OIC- Oh! I See
- M/F – Male Or Female
- MSG – Message
- PLS – Please
- PMP – Peed My Pants
- ROFL – Rolling On Floor Laughing
- SWL – Screaming With Laughter
- TGIF – Thank God It’s Friday
- TC – Take Care
- TFS – Thanks For Same
- WTF/WTH – What the F / What the Heck
india is developed or developing or nothing
Posted by
Danduanilkumar
/
Comments: (1)
give me your opinions on this topic...