我是PHP编程的新手,我有一个注册表单,允许我的访问者在我的网站上注册,但我不确定安全性以及我的代码的安全性。代码如下所示:
if(isset($_POST['submit'])){
$search = array("<", ">", "join", "union", "'", "/", "(", ")", "Join","jOin", "joIn", "joiN", "Union", "uNion", "unIon", "uniOn", "unioN");
$replace = "";
$username = str_ireplace($search, $replace, $_POST['username']);
$email = str_ireplace($search, $replace, $_POST['email']);
if (empty($_POST['username']) or empty($_POST['email']) or empty($_POST['pass']) or empty($_POST['confirmpass'])) {
echo "<p>Please Fill all filds</p>";
}
elseif ($_POST['pass'] != $_POST['confirmpass']) {
echo "<p>Match Password</p>";
}
elseif (strlen($username) > 20){
echo "<p>Your Username should less than 20 Char</p>";
}
else{
$username = mysql_real_escape_string(trim($username));
$email = mysql_real_escape_string(trim($_POST['email']));
$pass = mysql_real_escape_string($_POST['pass']);
$pass = md5($pass);
$confirmpass = mysql_real_escape_string($_POST['confirmpass']);
$confirmpass = md5($confirmpass);
$date = date("Y-m-d");
$checkq = mysql_query("SELECT username, email FROM users WHERE username='$username' ");
$num_rows = mysql_num_rows($checkq);
if($num_rows >= 1){
echo "<p>you have to choose another Username</p>";
}else {
$checkq2 = mysql_query("SELECT username, email FROM users WHERE email='$email' ");
$num_rows2 = mysql_num_rows($checkq2);
if($num_rows2 >= 1){
echo "<p>that email is already registerd <br />".$email."</p>";
}else {
$insertuser = mysql_query("INSERT INTO users
(id, username, password, rdate, email)
VALUES
('', '$username', '$pass', '$date', '$email')
");
if ($insertuser){ echo "<span>you are login successfuly ...</span><META http-equiv='refresh' content='4;URL=http://www.6arbyat.com/join/login.php'> ;";}else{echo "<p>Sorry there is something Wrong !!!</p>";
}
}
}
}
}
有任何意见吗?
答案 0 :(得分:4)
"Join","jOin", "joIn", "joiN"
甚至没有一点安全。
如果您关注安全性,请使用正确的参数化查询,或者只是在您的查询中粘贴值。无论哪种方式,你的大部分代码都是无用的。
$insertuser = mysql_query("INSERT INTO users
(id, username, password, rdate, email)
此外,您可能不应该在数据库中编写原始密码,这会使您的代码看起来像1985年编写的那样。