I ran a pentest on my app and it should an XSS issue. Essentially, I could do a url like the following and it would give me a popup
https://test.com/index.php?id=12345'><script>alert(1)</script>
So I have implemented something which I hope resolves this issue. At the top of the page I do
$_GET['id'] = urlencode($_GET['id']);
Within the page content, I might then have a link to another page like so
Link
When I now test the page, no pop up is displayed. The pentest is also clear. However, someone else in another location is trying it and they still get the popup. I just wanted to make sure that what I have done is ok?
Additionally, when I view the link in firebug, I see the link with the script part. Should this not be displaying as sanitized within firebug?
Any information appreciated.
Thanks
I think you're looking for htmlentities
I would set it to an intermediate variable, since you're using the $_REQUEST array later instead of $_GET
$id = urlencode(htmlentities($_GET['id']));
and then later
Link
Related
I'm trying to use header() in PHP so it will send a GET request, and also redirect the user to a certain div ID, and originally the code I came up with was this:
header("Location: ?load=10#divName");
However, that gave a 500 error code, due to "redirecting me too many times".
I then tried doing something like this:
header("Location: #divName?load=10");
However, this just completely ignored the GET request, which makes sense, since it thinks it's part of the div ID.
Should I just give up and try using a POST request instead, or is there a way around this? Thanks!
Note: I only am using header() for tests, otherwise, it is connected to an <a> tag.
P.S. If you are wondering what I'm trying to do over here, when you click a button, it sends a request to load more blog posts, and then it directs the user to the last blog post in the list that was just loaded. I changed the div ID for less confusion. Please let me know if there is a better way around this, I'm sure there is!
First using a header tag, you need to use the full URI if you want to redirect to somewhere. I recommend using the global $_SERVER for it. documentation
Second, the thing that you want to do is achievable using javascript and ajax, instead of php. I recommend you research the ajax documentation to see some examples.
But mainly to fix the main problem of "redirecting me too many times", check if you are looping something that can callback the header function more than once.
Okay php newbie here, please bear with me. I am not sure if this is a redundant question but here goes. I have a reference code i want to stick to my url. example: site.com/index.php?refcode=123. That's fine right? we can put anything on there. Naturally the visitor goes to the index page. But if the visitor then clicks on other buttons that leads to other pages in my site, the parameter is gone. Like I want to track which code the visitor has when he sends me an email when he later decides to go to my contact page. How can this be done with php? or can this be done with jquery?
You would be best off saving the url variable into a session variable instead. The session variable will stick with the user so you have access to it no matter what page they go to.
$_SESSION['refcode'] = $_GET['refcode'];
Make sure to use session_start()
But if you do want to do it the way you have asked you can modify all urls on your page and add:
'?'.$_SERVER['QUERY_STRING']
This will add the query string to your url so the next page they go to would still have it. But that does seem like a lot more work.
I'm hoping someone can help me. I am trying to just pass a variable from one page to another in my jQuery mobile website, which you can see here: http://www.muskermcintyre.co.uk/tablet.
The usual way I would do this is the following:
To have a link on the list view page which looks something like this:
View details
Then I would need to use $_GET['profileID'] on my full details page, to get the correct property from the database, obviously just getting that profileID which has been passed from the link on the previous page. It seems this is not possible in jQuery mobile.
Please can anyone suggest the best way to do this?
Thanks!
You can use the same method for your JavaScript as in PHP, the only difference is that you don't have the query string variables as an array named $_GET, you have to parse them yourself. See this answer:
How can I get query string values in JavaScript?
PHP is a server side scripting language.
Once your page is loaded (i.e HTML is generated). You will have to use either JavaScript or JQuery.Or you will have to post back to server to render new HTML.
I just setup some pagination for a search, and the search uses POST variables to define what to search for etc. In my URL I can set the pagination offset like this search/OFFSET, and my links in the pagination link there correctly. However, when I click a link all POST variables vanish even if I explicitly set them so I can use them in the next script. I'm using codeigniter and I have GET turned off and really don't want to store these 5-6 values in a session since then it will get all clumsy.
Does clicking a link fully reload the page and delete POST variables?
Thanks
Yes, clicking a link creates a GET request so wouldn't keep any of the POST data. Although it's technically possible to do so with javascript, that's a bad idea.
This is an entirely appropriate use of GET, please read this fuller explanation.
Yes, clicking a link removes all the POST variables.
Do you have access to change your php page that receives the request? You might want to adjust your variables there to accept either GET or POST:
$defaultvalue='';//change this to '' or NULL or whatever you want
$searchQuery = (isset($_POST['s']) ? $_POST['s'] : (isset($_GET['s'])?$_GET['s']: $defaultvalue));
Then your php page will be better equipped to handle either GET or POST
POST data will only be present during the original request (i.e. it does not persist between requests). If you want data to persist, use sessions. However, it is common practice to use GET for search queries and pages.
You could use an incredibly ugly workaround and set a form full of hidden fields to submit when you click a link. I really wouldn't recommended it though.
You should be able to create a form that submits some set of post variables to the action parameter with the get variables. So the form should submit a post request to http://www.somedomain.com/FormSubmit.php?pag=1&sort=asc This would submit the post values of that form along with the get values of the string. If you can change your link to a form button, you should be good to go.
I have a webpage with a form on it. The heading of the form is this:
<form name="sw" METHOD ="POST" ACTION="logger1.php">
After some event has happened, a javascript function submits the form like this:
document.forms["sw"].submit();
The php file logs the data from the form in a text file on the server, and then redirects the browser to another page. My issue is that I want to examine one of the values in the form from the previous page on the page that the browser is redirected to. I am completely lost. help!
Have you considered using sessions? The $_SESSION[] array might keep your previously posted variable between pages.
Basically all the form information is being passed to the "logger1.php" file in the POST method.
So you need to see what the code in the "logger1.php" file is and see exactly how the file is redirecting once it's done doing what it does.
Then you can possibly append the variable you want passed on to the redirect method in the GET method.
Lets say the variable you want to pass on is:
$_POST['Some_variable']
and the redirect method is something like:
header('Location: some_file.php');
then you can append it this way:
header('Location: some_file.php?variable_name='.$_POST['Some_variable']);
You can append ?info=hello to the end of the URL it redirects to, then retrieve it in PHP with $_GET['info']
You can't. The information is not passed when the browser is redirected so there is no way to access it.
I think the best way to do this would be to store the value in a database. If you are using ASP.NET the easiest way to do this would be to set up a SQL Server Express database. They are free until you go over 10GB.
Cant you put the variable that you want to look at as a get variable added to the url of the redirected page like so http://yourdomain/thepage.php?var=variable