Home arrow PHP arrow Page 2 - Reconsidering PHP variables

Counting your cookies? - PHP

Php helps you to quickly build big applications and many times, its easy to neglect the security matter. Its easy to believe that security breaches could not happen to your software. But what if it does happen? For this reason, security in your applications should be kept in consideration from the beginning.

TABLE OF CONTENTS:
  1. Reconsidering PHP variables
  2. Counting your cookies?
  3. Checking variable types
  4. A Method to your madness
  5. Its the size that matters
  6. Pssst... Whats the password?
  7. And in Conclusion...
By: Iulian Turnea
Rating: starstarstarstarstar / 45
January 10, 2005

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

Some people will be surprised to find out that you can check the number of  POST or GET or even COOKIE variables. It's actually quite simple.  So simple, it is commonly overlooked.  By utilizing the count() function, you can see the number of elements in each array. If you did not send any GET variable, the array would be empty.

<?
$limit = count($_GET);
echo $list;
?>

// the echo is 0

If you are not expecting any GET variables and you have one in $HTTP_GET_VARS array, you can trap it accordingly.  For example:

$limit = count($_GET);
if ($limit>0){
echo (" Hacking Attempt ");
exit;
}
// or redirect the suspect to an error page

$limit = count($_GET);
if ($limit>0){
header(" Location:./error.php ");
exit;
}

You know how many variables your application is expecting in most conditions. If there are less that means that some problem may have occurred. But there is rarely a time that you would receive more than expected.

// if you send a form with 5 fields using POST you can check this

$limit_post=count($_POST);
$limit_get=count($_GET);
if ($limit_post>5||$limit_get>0){
echo (" Hacking Attempt ");
exit;
}



 
 
>>> More PHP Articles          >>> More By Iulian Turnea
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

PHP ARTICLES

- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: