Registration script security check

Time: 2011-01-12 20:03:41

Tags: php mysql

Hey guys, I have this registration script and I am using mysql_real_escape_string. I know prepared statements are safer, but I just don't have enough experience to use them and I just can't figure out how. Anyway, here is the script:

<?php

$username  = mysql_real_escape_string($_POST['username']);
$password  = sha1($_POST['password']);
$password2 = sha1($_POST['password_confirmation']);
$passcheck = $_POST['password'];
$todo      = mysql_real_escape_string($_POST['todo']);
$email     = mysql_real_escape_string($_POST['email']);
$fname     = mysql_real_escape_string($_POST['fname']);
$lname     = mysql_real_escape_string($_POST['lname']);
$gender    = $_POST['gender'];
$class     = $_POST['class'];
$section   = $_POST['section'];

if (isset($todo) and $todo == "post") {
    $status = "OK";
    $msg = "";
}

if (!isset($username) OR strlen($username) < 3) {
    $msg = $msg . "Username should be equal to or more than 3 characters long.<BR/>";
    $status = "NOTOK";
}

if (mysql_num_rows(mysql_query("SELECT username FROM users WHERE username = '$username'"))) {
    $msg = $msg . "Username already exists. Please try another one.<BR/>";
    $status = "NOTOK";
}

if (mysql_num_rows(mysql_query("SELECT email FROM users WHERE email = '$email'"))) {
    $msg = $msg . "E-mail is already in use. Please try again.<BR/>";
    $status = "NOTOK";
}

if (strlen($passcheck) < 3) {
    $msg = $msg . "Password must be more than 3 characters long.<BR/>";
    $status = "NOTOK";
}

if ($password <> $password2) {
    $msg = $msg . "Passwords are not identical.<BR/>";
    $status = "NOTOK";
}

// eregi() is deprecated since PHP 5.3 and removed in PHP 7; preg_match() with the /i flag is the equivalent
if (!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i', $email)) {
    $msg = $msg . "The email is not a valid email.<br/>";
    $status = "NOTOK";
}

if ($status == "NOTOK") {
    echo '<div class="statusmsg">' . $msg . '<br/><input class="submitButton" type="button" value="Retry" onClick="location.href=\'signup.php\'"></div>';
} else {
    $hash = md5(rand(0, 1000));
    $hash = mysql_real_escape_string($hash);
    if (mysql_query("insert into users(username,password,email,fname,lname,hash,gender,class,section) values('$username','$password','$email','$fname','$lname','$hash','$gender','$class','$section')") or die(mysql_error())) {
        echo '<div class="statusmsg">Welcome, You have successfully signed up. Please check the verification e-mail sent to you.</div>';
        $to = $email;
        $subject = 'Signup | Verification';
        $message = '

        Thanks for signing up!
            Your account has been created, you can login with the following credentials after you have activated your account by pressing the url below.

            ------------------------
            Username: ' . $username . '
            ------------------------

        Please click this link to activate your account:
        <div id="header">
            <h3>JMToday > Sign up</h3>
        </div>
        http://www.JMtoday.com/verification.php?email=' . $email . '&hash=' . $hash . '

        ';

        $headers = 'From:noreply@JMtoday.com' . "\r\n";
        mail($to, $subject, $message, $headers);
    } else {
        echo "Database problem, please contact site admin";
    }
}
?>

1 answer:

Answer 0: (score: 0)

The user will never see the "Database problem" message, because the script will die() if the query fails. Likewise, you are embedding HTML in the mail, but not building a properly formatted HTML e-mail. Some mail clients may be smart enough to figure out the HTML and render it as such, but that is just luck.

The hash you generate is limited to 1001 possible hash values. Given the birthday paradox, after 38 people have signed up the odds of a collision are 50%. After 100 people the odds are 99.29%. Instead of hashing a random number, do something like:

$hash = md5(serialize($_POST) . $some_other_stuff_in_case_POST_is_empty);
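A version of the two things this thread raises, prepared statements (which the question asks about) and a verification token that is not limited to 1001 values (the answer's point), as an added example that is not from the question or the answer. It assumes PHP 7+, an open PDO connection $pdo, and the username, password, email and hash columns of the original users table; random_bytes() and password_hash() are swapped-in techniques, not what the answer suggests.

```php
<?php
// Added example (not code from the question or the answer). Assumes PHP 7+ and an open PDO
// connection $pdo; the users table needs at least the username, password, email and hash
// columns of the original script. random_bytes() replaces md5(rand(0,1000)) as a swapped-in
// technique for the activation token, and password_hash() replaces the unsalted sha1().
function registerUser(PDO $pdo, array $post): array
{
    $username = trim($post['username'] ?? '');
    $email    = trim($post['email'] ?? '');
    $password = $post['password'] ?? '';
    $errors   = [];
    if (strlen($username) < 3) {
        $errors[] = 'Username should be at least 3 characters long.';
    }
    if ($password === '' || $password !== ($post['password_confirmation'] ?? '')) {
        $errors[] = 'Passwords are not identical.';
    }
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $errors[] = 'The email is not a valid email.';
    }
    // Prepared statement: values are bound separately from the SQL text, so no
    // mysql_real_escape_string() is needed and no quoting mistake can turn input into SQL.
    $stmt = $pdo->prepare('SELECT COUNT(*) FROM users WHERE username = ? OR email = ?');
    $stmt->execute([$username, $email]);
    if ((int) $stmt->fetchColumn() > 0) {
        $errors[] = 'Username or e-mail already in use.';
    }
    if ($errors) {
        return ['status' => 'NOTOK', 'errors' => $errors];
    }
    // 128-bit CSPRNG token: 2^128 values instead of 1001, so two users getting the
    // same activation hash (the birthday problem from the answer) is not a concern.
    $hash = bin2hex(random_bytes(16));
    $stmt = $pdo->prepare(
        'INSERT INTO users (username, password, email, hash) VALUES (:u, :p, :e, :h)'
    );
    $ok = $stmt->execute([
        ':u' => $username,
        ':p' => password_hash($password, PASSWORD_DEFAULT),
        ':e' => $email,
        ':h' => $hash,
    ]);
    // No die(): a failed INSERT returns false, so the caller can actually show its
    // "Database problem" message instead of the script stopping with mysql_error().
    return $ok ? ['status' => 'OK', 'hash' => $hash] : ['status' => 'DBERROR', 'errors' => []];
}
```

Put the returned hash into the verification URL exactly as the original script does, and set PDO::ATTR_EMULATE_PREPARES to false on the connection so MySQL performs the real server-side prepare rather than client-side escaping.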