The major weaknesses in many PHP programs are not problems with the PHP language itself, but are caused by programmers' low security awareness. Therefore, you must always pay attention to possible problems in each piece of code to discover the possible impact of incorrect data submission.
Example #1 Dangerous Variable Usage
<?php // 从用户目录中删除一个文件,或者……能删除更多的东西? unlink ($evil_var); // 记录用户的登陆,或者……能否在 /etc/passwd 添加数据? fwrite ($fp, $evil_var); // 执行一些普通的命令,或者……可以执行 rm -rf * ? system ($evil_var); exec ($evil_var); ?>
Always pay attention to your code to ensure that every variable submitted from the client is properly checked, and then ask yourself some questions:
Can this script only affect expected file?
Can abnormal data have any effect after being submitted?
Can this script be used for unintended purposes?
Can this script be combined with other scripts to do bad things?
Are all transactions adequately recorded?
Ask yourself these questions when writing code, otherwise you may have to rewrite the code to increase security in the future. If you pay attention to these problems, you may not be able to completely guarantee the security of the system, but you can at least improve the security.
Also consider turning off register_globals, magic_quotes or other settings that make programming more convenient but will mess up the legality, source and value of a variable. During development, you can use the error_reporting(E_ALL) mode to help check whether variables have been checked or initialized before use, so as to prevent some abnormal data from being messed up.