Jump to content

Recommended Posts

Posted

Escaping means to escape all the characters that could cause trouble.

if you were to have a piece of code

//without escaping quotes
echo ' Hello, My name is O'Reilly It's nice to meet you ' ;

You'll get an error here because the string is broken due to the single quotes (') in O'Reilly and it's.

The highlighter makes this problem obvious here.

 

This is a problem in every programming language and a lot of them escape these characters in the same way.

By preceeding them with a \

Eg:

echo ' Hello, My name is O\'Reilly It\'s nice to meet you ' ;

 

Escaping information you're going to use in a query is especially important because, if you don't escape it, You leave your queries vulnerable to SQL injection.

 

Look at this script here:

$strCheckUserSQL = "SELECT * FROM subs WHERE username='$username'";

The string in $_POST['username'] is substituted in place of $username. If my username were to contain a single quote (Like O' Reilly) You'd have an invalide query which looks like this.

"SELECT * FROM subs WHERE username='O' Reilly";

 

This doesn't seem that serious but i could easily add SQL commands into my username to make your query execute commands that i want it to. I could steal all your passwords this way.

To prevent SQL injection (Or atleast make it really difficult to do), You can use the mysql_real_escape_string() function. It requires you to have a connection to the database but you already have that.

 

//Like this
$username = mysql_real_escape_string( $_POST['username'] );

 

I guess it's better that i don't post the string i'd enter to get your passwords.

Here's an example i wrote up if you're interested in learning what SQL injection is: http://ping-localhos...brickhouse.html

 

Also, You could md5 encrypt your passwords. A lot of identity theft happens because people use the same passwords on many sites. So if i were to steal passwords from your sites, I'd try them on every other site too.

  • Like 1
Posted

Thanks for this useful information

so my new code will look like this

<?php
include 'mysql-connect.php';
$username = mysql_real_escape_string( $_POST['username'] );
$password = mysql_real_escape_string( $_POST['password'] );
$firstname = mysql_real_escape_string( $_POST['firstname'] );
$lastname = mysql_real_escape_string( $_POST['lastname'] );
$email = mysql_real_escape_string( $_POST['email'] );
$ip = $_SERVER['REMOTE_ADDR'];
$strCheckUserSQL = "SELECT * FROM subs WHERE username='$username'";
$CheckUserQuery = mysql_query($strCheckUserSQL);
$strCheckEmailSQL = "SELECT * FROM subs WHERE email='$email'";
$CheckEmailQuery = mysql_query($strCheckEmailSQL);
// You really should escape these values, but I'm not going to do that here
mysql_query("INSERT INTO subs (username, password, firstname, lastname, ip, email)
VALUES ('$username', '$password', '$firstname', '$lastname', '$ip', '$email')");
?>

i don't need to md5 the password.

is this script secure??

Can you help me with the other script also please

thanks in advance

Posted

If you really want to be secure you should use MD5 hashing for the passwords.

So if a hacker get's access to your database, he's nothing with the data.

  • Like 1
Posted

Every thing is done and working well until entering data into the db

what do i need to do next to create the subdomains (the cron acript)?

Thanks in advance :)

Posted
First, you need to modify your "subs" table to include "created" column. Make this column a type of boolean, and give it a default value of FALSE.

 

Have you done this?

Posted

Thanks for this useful information

so my new code will look like this

<?php
include 'mysql-connect.php';
$username = mysql_real_escape_string( $_POST['username'] );
$password = mysql_real_escape_string( $_POST['password'] );
$firstname = mysql_real_escape_string( $_POST['firstname'] );
$lastname = mysql_real_escape_string( $_POST['lastname'] );
$email = mysql_real_escape_string( $_POST['email'] );
$ip = $_SERVER['REMOTE_ADDR'];
$strCheckUserSQL = "SELECT * FROM subs WHERE username='$username'";
$CheckUserQuery = mysql_query($strCheckUserSQL);
$strCheckEmailSQL = "SELECT * FROM subs WHERE email='$email'";
$CheckEmailQuery = mysql_query($strCheckEmailSQL);
// You really should escape these values, but I'm not going to do that here
mysql_query("INSERT INTO subs (username, password, firstname, lastname, ip, email)
VALUES ('$username', '$password', '$firstname', '$lastname', '$ip', '$email')");
?-->

is this script secure??

Looks good.

 

i don't need to md5 the password.

It's not that big an effort what you gain. Seriously, You should md5 them.

All you have to do is pass the string through the md5 function and you'll get it. To make it even more secure, You can concatenate a random string to the password too.

All you have to do is md5 the login password and compare it against the stored hash in your database]

Eg:

//without salt
$password = md5($_POST['password']);

//with salt
$password= md5( $_POST['password'] . 'my secret salt' );

You don't even have to escape it since the md5 can't contain any dangerous characters.

 

A reason to use salt is because of the way md5s are 'decrypted' . They're not actually decrypted but are compared against a huge database of common strings and their hashes ( Admins, Could you confirm? ). So using a secret salt would change the hash would protect it from that approach too.

 

Can you help me with the other script also please

Is that to me?

If it is, Sure. I'm pretty bored at home and have no ongoing projects. I'm still a beginner though :)

 

 

 

Question about the script:

 

<?
$username = $_POST['subdomain'];
$path="http://seifhate:pass@seifhatem.co.cc:2082/frontend/x3/subdomain/doadddomain.html?rootdomain=seifhatem.co.cc&domain=$username";
$f = fopen($path, "r");
echo $path;
fclose($f);
?>
<html>
<form method="POST" action="">
Subdomain: <input type="text" name="subdomain"/>
<input type="submit" name="submit" value="Create"/>
</html>

 

You're going to run this script when you're logged into CPanel, Right?

 

 

@xaav: I've tried using booleans in mysql, It never worked properly for me :(

Any tips?

  • Like 1
Posted

Yeah also me booleans always gives me an error

I don't wan to md5 the pass because it will be used in the other script to retrieve pass and create the frp account so if it's in md5 it will not work :S

That's why

No the first part "seifhate:pass" is for logging in automatically and doung the job

Thanks

 

@xaav: no i couldn't do it as a boolean i did as a varchar with default value false :)

 

@xaav: no i couldn't do it as a boolean i did as a varchar with default value false :)

Posted

Run this query on your table:

 

ALTER TABLE subs ADD COLUMN created TINYINT(1) DEFAULT 0;

Posted

Okay, now put this code in the cron script:

 

#!/usr/bin/php
<!--?php
$strCheckSubSQL = "SELECT * FROM subs WHERE created=0";
//Connect to the database
$result = mysql_query($strCheckSubSQL);
while($row = mysql_fetch_array($result)) {


           //Create the user in cPanel
           $username = urlencode($row['username']);
           $password = urlencode($row['password']);
           $paths = array(
               "http://seifhate:pass@seifhatem.co.cc:2082/frontend/x3/subdomain/doadddomain.html?rootdomain=seifhatem.co.cc&domain=$username",
               "http://seifhate:pass@seifhatem.co.cc:2082/frontend/x3/ftp/doaddftp.html?login=$username&password=$password&quota=13",
           )

           foreach($paths as $path) {
               file_get_contents($path);
           }

    //Update the record with created=true
           mysql_query('UPDATE subs SET created=1 WHERE username="'.mysql_escape_string($username).'"';
}
//Close the connection

 

Then, change the permissions of the file to "755" and add the cron in cPanel.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...