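I am being told by my vulnerability program that I have SQL injection vulnerabilities in two of my web pages, and I can't seem to understand what is causing it. My code is as follows: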
authcheck.php
<?php
// Send headers before any output; header() fails once the <html> tag has been sent
header("X-Frame-Options: DENY");
header('X-Content-Type-Options: nosniff');
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="tutors.css">
<title>CSTutor Authenticate</title>
</head>
<body>
<?php
// Needed For SQLFunctions getFaculty call
require_once('Includes/SQLFunctions.php');
// Needed For Utils check_input call
require_once('Includes/Utils.php');
// Retrieve Post Data
$wsuser = check_input($_POST["wsuser"]);
$wsemail = check_input($_POST["wsemail"]);
// Authenticate User
$student = getStudent($wsuser,$wsemail);
if (strlen($student->getTychoname())==0)
{
// Show the login form again.
include('index.html');
?>
<p></p>
<p></p>
<div><table id="myerror">
<tr><td>
<h4>Login Error</h4>
</td></tr>
<tr><td>
Sorry, the username and email do not match any current account.
</td></tr>
<tr><td>
Try again, or create an account using the link above.
</td></tr>
</table>
</div>
<?php
}
else
{
// Set the session information
session_start();
$_SESSION['wsuser'] = $wsuser;
include('SearchSessions.php');
}
?>
</body>
</html>
My second page gives the same vulnerability and is as follows:
<?php
// Send headers before any output; header() fails once the <html> tag has been sent
header("X-Frame-Options: DENY");
header('X-Content-Type-Options: nosniff');
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="tutors.css">
<title>Create Student </title>
</head>
<body OnLoad="document.createstudent.firstname.focus();">
<?php
if(isset($_POST["CreateSubmit"]))
{
validate_form();
}
else
{
$messages = array();
show_form($messages);
}
function show_form($messages) {
// Show the page header
include('Includes/Header.php');
require_once('Includes/Utils.php');
if (count($messages) > 0 )
{
echo "<p></p>";
echo "<div><table id='myresults'>";
echo "<tr>";
echo "<td>";
echo "<h2>Warning! Form Entry Errors Exist.</h2>";
echo "<h4>Please revise based on the following issues and submit again.</h4>";
echo "<ol>";
foreach ($messages as $m)
{
echo "<li> $m </li>";
}
echo "</ol>";
echo "</td>";
echo "</tr>";
echo "</table></div>";
echo "<p></p>";
}
// Assign post values if exist
$firstname="";
$lastname="";
$wsname="";
$email="";
if (isset($_POST["firstname"]))
$firstname=check_input($_POST["firstname"]);
if (isset($_POST["lastname"]))
$lastname=check_input($_POST["lastname"]);
if (isset($_POST["wsname"]))
$wsname=check_input($_POST["wsname"]);
if (isset($_POST["email"]))
$email=check_input($_POST["email"]);
echo "<p></p>";
echo "<h2> Request Student Tutor Account</h2>";
echo "<p></p>";
?>
<h5>Complete the information in the form below and click Submit to create your account. All fields are required.</h5>
<form name="createstudent" method="POST" action="createStudent.php">
<table border="1" width="100%" cellpadding="0" id="mylogin">
<tr>
<td width="157">Firstname:</td>
<td><input type="text" name="firstname" value='<?php echo $firstname ?>' size="30"></td>
</tr>
<tr>
<td width="157">Lastname:</td>
<td><input type="text" name="lastname" value='<?php echo $lastname ?>' size="30"></td>
</tr>
<tr>
<td width="157">WebTycho username:</td>
<td><input type="text" name="wsname" value='<?php echo $wsname ?>' size="30"></td>
</tr>
<tr>
<td width="157">Email:</td>
<td><input type="text" name="email" value='<?php echo $email ?>' size="30"></td>
</tr>
<tr>
<td width="157"><input type="submit" value="Submit" name="CreateSubmit"></td>
<td> </td>
</tr>
</table>
</form>
<?php
} // End Show form
function validate_form()
{
require_once('Includes/Utils.php');
require_once('Includes/FormObjects.php');
require_once('Includes/SQLFunctions.php');
$messages = array();
$redisplay = false;
// Assign values
$firstname = check_input($_POST["firstname"]);
$lastname = check_input($_POST["lastname"]);
$wsname = check_input($_POST["wsname"]);
$email = check_input($_POST["email"]);
// Just check for null values and email format
if (strlen($firstname)==0)
{
$redisplay = true;
$messages[]="Please enter your Firstname.";
}
if (strlen($lastname)==0)
{
$redisplay = true;
$messages[]="Please enter your lastname.";
}
if (strlen($wsname)==0)
{
$redisplay = true;
$messages[]="Please enter your WebTycho username.";
}
if (strlen($email)==0)
{
$redisplay = true;
$messages[]="Please enter your Email address.";
}
if ($redisplay)
{
show_form($messages);
}
else
{
// Show the page header
include('Includes/Header.php');
$student = new StudentClass($firstname,$lastname,$email,$wsname);
$count = countStudent($student);
// Check for accounts that already exist and Do insert
if ($count==0)
{
$res = insertStudent($student);
echo "<h3>Welcome to the CS Tutor program!</h3> ";
echo "<h3>click here to <a href='index.html' >login</a></h3> ";
}
else
{
echo "<h3>A student account with that WebTycho username already exists.</h3> ";
echo "<h3>Please <a href='index.html'> login</a> using $wsname </h3>";
}
}
}
?>
</body>
</html>
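I did not include the entire code. I think I localized it to the code I am showing here. If you need the entire code, let me know and I will show it to you. Thanks.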
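Added example (not part of the original post, and not the contents of Includes/SQLFunctions.php, which the post does not show): both pages pass the POST values to getStudent(), countStudent() and insertStudent(), so this shows a concatenated lookup beside a parameterized one. The PDO/SQLite in-memory database, the `students` table and its columns, and the function names ending in `Concat` and `Prepared` are assumptions made for illustration.

```php
<?php
// Added example: constructed schema and data, not the post's SQLFunctions.php.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE students (tychoname TEXT PRIMARY KEY, email TEXT, firstname TEXT, lastname TEXT)");
$db->exec("INSERT INTO students VALUES ('jdoe', 'jdoe@example.edu', 'Jane', 'Doe')");

// Pattern a scanner flags: request values concatenated into the SQL text.
function getStudentConcat(PDO $db, string $wsuser, string $wsemail): ?array
{
    $sql = "SELECT tychoname, email FROM students "
         . "WHERE tychoname = '$wsuser' AND email = '$wsemail'";
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

// Parameterized form: the SQL text is fixed and the values are bound separately.
function getStudentPrepared(PDO $db, string $wsuser, string $wsemail): ?array
{
    $stmt = $db->prepare(
        "SELECT tychoname, email FROM students WHERE tychoname = :user AND email = :email"
    );
    $stmt->execute([':user' => $wsuser, ':email' => $wsemail]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

// Same idea for the insert path used by createStudent.php (hypothetical columns).
function insertStudentPrepared(PDO $db, string $first, string $last, string $email, string $wsname): bool
{
    $stmt = $db->prepare(
        "INSERT INTO students (tychoname, email, firstname, lastname) VALUES (?, ?, ?, ?)"
    );
    return $stmt->execute([$wsname, $email, $first, $last]);
}

// Constructed inputs: one valid login, one whose email field contains a quote.
$valid  = ['jdoe', 'jdoe@example.edu'];
$quoted = ['jdoe', "x' OR '1'='1"];

var_dump(getStudentPrepared($db, ...$valid) !== null);   // matching account
var_dump(getStudentPrepared($db, ...$quoted) !== null);  // bound value is compared as data
var_dump(getStudentConcat($db, ...$quoted) !== null);    // quote becomes part of the SQL text
var_dump(insertStudentPrepared($db, 'Pat', "O'Neil", 'pat@example.edu', 'poneil'));
```

Running it with the PHP CLI (pdo_sqlite enabled) shows that the same quoted input matches no account through the prepared statement but alters the WHERE clause of the concatenated query.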