Professional WEB Development Blog

This page contains the 10 latest blog records from our site. Older posts from our blog may be found in the Archive section. I hope you find something informative here for you.


PHP and Cookies

Today we are going to talk about cookies and PHP. So far, all the necessary cookie operations have been carried out for us by the PHP interpreter. But cookies can also be used for purposes other than propagating parameters; therefore, we will consider them in more detail.

A cookie must contain at least the name of the parameter that has to be set. In addition, it can carry the following information:

Full version | Tag: PHP Development | Date: 9/25/2011 10:53:22 PM

PHP Sessions

Let's consider parameter use using the example of a site that employs an authorization procedure. When a user enters his or her name, a session must be initiated. This allows us to use session variables. A session is initiated by the session_start() function. If the function executes successfully, it returns true; otherwise, false is returned.

Now the PHP interpreter has to be informed which variables are to be saved in the session. This is done using the session_register() function, to which the variable name to be saved is passed as the parameter. Afterward, all the variables that have been placed into the session will be available from all pages of your site for the duration of the session.

Let's consider an example of a session. We'll create a file named session.php for this. The file contains a form to enter the user name, which will be saved in a session variable:
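The following is an added example, not the session.php file from the post and not the blog's own code. It ties the two posts above together: a login form whose user name is kept in a session variable, with the attributes of the session cookie set explicitly. It uses the $_SESSION array rather than the session_register() call the post mentions (session_register() was removed in later PHP versions), and the array form of session_set_cookie_params() assumes PHP 7.3 or newer; the user-name pattern and the "Enter" button are my choices for the illustration.

```php
<?php
// Added example (not the blog's session.php): a login form whose user name
// is kept in a session variable. Uses $_SESSION instead of session_register()
// and sets the session cookie attributes (a cookie carries more than a name
// and a value). Assumes PHP 7.3+ for the array form of session_set_cookie_params().
declare(strict_types=1);

// Cookie attributes for the session cookie: not readable from JavaScript,
// only sent over HTTPS, and not sent on cross-site requests.
session_set_cookie_params([
    'lifetime' => 0,        // temporary cookie: discarded when the browser closes
    'path'     => '/',
    'secure'   => true,
    'httponly' => true,
    'samesite' => 'Strict',
]);

if (!session_start()) {
    http_response_code(500);
    exit('Could not start session');
}

$error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $name = trim((string)($_POST['UserName'] ?? ''));
    // Accept only a conservative character set for the user name (assumed policy).
    if (preg_match('/^[A-Za-z0-9_]{1,32}$/', $name) !== 1) {
        $error = 'Invalid user name';
    } else {
        // Issue a fresh session id when the privilege level changes, so a
        // session id that was set before login is not carried over.
        session_regenerate_id(true);
        $_SESSION['UserName'] = $name;
    }
}
?>
<!DOCTYPE html>
<html>
<body>
<?php if (isset($_SESSION['UserName'])): ?>
  <p>Hello, <?= htmlspecialchars($_SESSION['UserName'], ENT_QUOTES, 'UTF-8') ?></p>
<?php else: ?>
  <?php if ($error !== ''): ?><p><?= htmlspecialchars($error, ENT_QUOTES, 'UTF-8') ?></p><?php endif; ?>
  <form action="session.php" method="post">
    User Name: <input name="UserName">
    <input type="submit" value="Enter">
  </form>
<?php endif; ?>
</body>
</html>
```

Save it as session.php under a web server running PHP and open it over HTTPS; with secure set to true the browser will not send the session cookie over plain HTTP, which is the intended behaviour. The user name is escaped with htmlspecialchars() on output because anything stored from a form is still client-supplied data.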

Full version | Tag: PHP Development | Date: 5/3/2010 10:17:54 PM

Storing User Parameters

HTTP does not support persistent (long-lived) connections. A new connection is created to receive each file in a page (i.e., a script, image, Flash animation, etc.). Consequently, the server cannot tell whether the same user requested two different items (e.g., a script and an image), because a different connection is created for each of them.

Page transitions also create new server connections; therefore, pages cannot be interlinked nor have common parameters. There are three ways to save parameter values when moving from one page to another. These are the following:

  • Cookies: files stored on the client's computer. These can be:
    • Temporary: stored in the memory of the client's computer only during the specific server connection.
    • Permanent: stored on the client's hard drive until the specified time.
  • Sessions.
  • Implement your own connections, with the necessary parameters saved in a database table and linked to the client.
Full version | Tag: PHP Development | Date: 4/11/2010 6:33:57 PM

Port scanning

The only way to protect your system from hacker attacks is to know how hackers carry out these attacks. When considering the fundamentals of hacker attacks, you have to think as a hacker. For example, what should be done first to break into a server or to test it for vulnerabilities? There is no clear answer to this question. Any break-in is a creative process and requires an individual approach. There are no clear-cut rules or ready-made templates. Nevertheless, a few practical recommendations can be given.

The first step in a break-in or vulnerability test is to scan the ports. Why? To find out what services (daemons, in Linux) are installed in the system. Each open port is a service program installed on the server, to which someone can connect and make it do certain things. For example, port 21 is used by the file transfer protocol (FTP) service. If a hacker can connect to this port, he or she will be able to download and upload files from and to the server. The hacker must acquire the corresponding rights to be able to do this, however.

The first 1,024 ports must be scanned initially. Many of them are used by standard services like FTP, hypertext transfer protocol (HTTP), and Telnet. Each open port is like a locked door to the server. The more doors the server has, the more chances there are that the lock on one of them can be picked. Therefore, you should only install those services that are necessary.

Full version | Tag: Security | Date: 4/4/2010 4:31:44 PM

Network Monitoring Software

I uploaded the next version of my network monitoring program. It is fast and easy-to-use network monitoring software for everyone who wants to know about the availability of their hosts or web pages. The program monitors connections with specified computers in your network. CyD Careful Observer continuously monitors the accessibility of a specific computer, server or WEB page. It may monitor computers in your local network or on the Internet.

CyD Careful Observer - Network Monitor allows you to monitor any remote host port in your own or a remote network. When you run a network service on your server, a network port is opened to receive network packets. If the port is down, the service may be down too. Port monitoring allows system administrators to monitor service availability.

The main features of Careful Observer - Network Monitor 2010 SP2 are:

  • New feature to export log data to XML or HTML files.
  • It is easier to create WEB page monitoring items.
  • Now you can see network status messages in the Windows notification area, next to the system clock.
  • The program checks latest news from CyD Software Labs server and shows you a dialog box with news.
Full version | Tag: Software | Date: 3/13/2010 9:29:33 AM

Hidden Parameters

Never trust hidden parameters! You ask why? Because it is very easy to change them. All it takes is to save the web page on the local hard drive, modify the action field to point to the necessary script on the server, modify the necessary parameter, and execute the modified file.

Despite their shortcomings, hidden parameters can still be used; you simply have to be very careful with them. We will start our consideration of hidden parameters with how to hide parameters from honest users and beginning hackers. Sometimes it is necessary to pass some service information from one page to another without using cookies. In this case we can make use of hidden parameters. This can be done in several ways, which we will consider.

The first way is to create an input field of the hidden type as follows:

<form action="param.php" method="post">
 <input name="UserName">
 <input type="hidden" name="HiddenParam" value="00000">
</form>
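Since the post says a hidden field can be edited by anyone who saves the page, the server-side check a defender wants is one that detects such a change. The following is an added example, not code from the post: the hidden value is paired with an HMAC computed with a server-side secret before the form is rendered, and the script that receives the form rejects any value whose MAC does not match. The secret constant, the two function names and the "Send" button are assumptions for this illustration; param.php is the action from the post's form.

```php
<?php
// Added example, not code from the post: a hidden parameter that the server
// can verify was not modified on the client. The value is paired with an
// HMAC computed with a server-side secret; the secret and the function names
// are assumptions for this illustration.
declare(strict_types=1);

// In practice load this from configuration kept outside the web root.
const HIDDEN_PARAM_SECRET = 'replace-with-a-long-random-secret';

// Build the value to put into the hidden field: "<value>.<hmac>".
function signHiddenParam(string $value): string
{
    $mac = hash_hmac('sha256', $value, HIDDEN_PARAM_SECRET);
    return $value . '.' . $mac;
}

// Return the original value if the signature checks out, or null otherwise.
function verifyHiddenParam(string $field): ?string
{
    // The MAC is hex, so the last dot is always the separator.
    $dot = strrpos($field, '.');
    if ($dot === false) {
        return null;
    }
    $value    = substr($field, 0, $dot);
    $mac      = substr($field, $dot + 1);
    $expected = hash_hmac('sha256', $value, HIDDEN_PARAM_SECRET);
    // hash_equals() compares in constant time, so the check does not leak
    // how many leading characters of the MAC were correct.
    return hash_equals($expected, $mac) ? $value : null;
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $param = verifyHiddenParam((string)($_POST['HiddenParam'] ?? ''));
    if ($param === null) {
        http_response_code(400);
        exit('Hidden parameter was altered or missing');
    }
    echo 'HiddenParam is ', htmlspecialchars($param, ENT_QUOTES, 'UTF-8');
    exit;
}

// Rendering the form: the hidden value is signed before it leaves the server.
$signed = signHiddenParam('00000');
?>
<form action="param.php" method="post">
  <input name="UserName">
  <input type="hidden" name="HiddenParam" value="<?= htmlspecialchars($signed, ENT_QUOTES, 'UTF-8') ?>">
  <input type="submit" value="Send">
</form>
```

Signing does not hide the value (anyone can still read it in the page source); it only makes a changed value detectable. If the value itself must stay secret, keep it on the server in a session variable and pass only an opaque reference in the hidden field.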
Full version | Tag: PHP Development | Date: 2/14/2010 9:30:40 AM

Vulnerable register_globals

You should exercise extreme care when working with parameters. If the register_globals directive is set to On in the php.ini configuration file, every request parameter is turned into a global variable. This can be a source of vulnerabilities if you are not careful enough. Let's consider the following vulnerability demonstration example:

<form action="testpass.php" method="get">
 Login: <input name="username">
 Password: <input name="password">
</form>

<?php
// $logged is deliberately left uninitialised: that is the flaw being shown.
if (($password == $legal_pass) and ($username == $legal_name))
  $logged = 1;

if ($logged)
 {
  // The user has been authorized
 }
?>
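The following is an added example, not the blog's code, that puts the flaw above next to a hardened version of the same check. With register_globals=On a request parameter named logged becomes the global $logged before the comparison runs, so a check that never initialises $logged is decided by the client. The hardened function starts from a known state, reads its input from $_POST only (the post on the GET method advises against sending passwords via GET), and compares the password against a stored hash. The function names, the $legalName/$legalPassHash parameters and the sample credentials are assumptions for this illustration.

```php
<?php
// Added example, not the blog's code. checkLoginVulnerable() reproduces the
// flaw shown in the post; checkLoginHardened() shows the same decision written
// so that it depends only on server-side data. The function names and the
// stored-credential parameters are assumptions for this illustration.
declare(strict_types=1);

// Vulnerable: $logged is never initialised, and both the credentials and
// $logged are globals that, under register_globals, the request can create.
function checkLoginVulnerable(): bool
{
    global $username, $password, $legal_name, $legal_pass, $logged;
    if ($password == $legal_pass && $username == $legal_name) {
        $logged = 1;
    }
    return (bool)$logged;    // a request-supplied $logged decides the result
}

// Hardened: read the input from $_POST only, start from a known state,
// compare the password against a stored hash, and never let request data
// choose the variable that holds the decision.
function checkLoginHardened(array $post, string $legalName, string $legalPassHash): bool
{
    $logged   = false;                                  // known starting state
    $username = (string)($post['username'] ?? '');
    $password = (string)($post['password'] ?? '');
    if (hash_equals($legalName, $username) && password_verify($password, $legalPassHash)) {
        $logged = true;
    }
    return $logged;
}

// Usage with constructed sample data (the hash would normally come from a
// user store, never from the request).
$storedHash = password_hash('s3cret', PASSWORD_DEFAULT);
var_dump(checkLoginHardened(['username' => 'alice', 'password' => 's3cret'], 'alice', $storedHash));
var_dump(checkLoginHardened(['username' => 'alice', 'password' => 'wrong', 'logged' => '1'], 'alice', $storedHash));
```

The second call carries a logged=1 field and still fails, because the hardened function never reads a variable of that name from the request. Even on PHP versions where register_globals no longer exists, initialising the decision variable and reading only from $_POST keeps the same logic error from reappearing through extract() or similar helpers.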
Full version | Tag: PHP Development | Date: 1/18/2010 9:12:15 PM

PHP and the POST Method

The mechanism of using the POST method is the same as that for the GET method. You only have to change the name of the method to be used (i.e., replace GET with POST) and your code will work without requiring any additional modifications. This holds, however, only if global variables were used to pass the data and not the $HTTP_GET_VARS array (the POST method uses a different array). The earlier example demonstrating passing parameters using the GET method can be changed to use the POST method as follows:

<form action="param.php" method="post">
User Name: 
 <input name="UserName">
 <input type="hidden" name="Password" value="qwerty">
</form>

Other than replacing GET with POST, no other changes are necessary.

When the POST method is used, all parameters are also included in the request body in the parameter_name=parameter_value format. Additionally, the variable's names and their values are placed into the $HTTP_POST_VARS array, or $_POST for short.

Full version | Tag: PHP Development | Date: 12/14/2009 8:37:01 PM

CyD Web Development Tools 2010 Beta

I want to introduce to you a new software product for WEB developers, security specialists and SEO professionals: CyD Web Development Tools. It is a new product and you can test the beta version at this moment. The product will consist of modules for WEB developers and SEO professionals. Some of the modules will be available as part of CyD Network Utilities - Security tools.

At this time the product consists of only one module: a search for WEB site vulnerabilities. The program needs improvements, but you can try the module absolutely free of charge with no limits. Tell me if you have any suggestions for the program or if you find an error. Some commands do not work in the program yet. I'm going to implement the full set of features as soon as possible.

Web Development Tools

Full version | Tag: Security | Date: 12/6/2009 9:09:27 PM

The GET Method

When the GET method is used, all the parameters that are passed to the script are placed into global variables. In addition, they are also placed into the $HTTP_GET_VARS array, or $_GET for short. But there is more to come. The parameters are also displayed in the browser's URL field. Thus, when the above example code passing the name and password parameters is executed, the URL will change to this: http://192.168.77.1/param.php?UserName=Flenov&Password=qwerty. That is, the original URL is appended with a question mark followed by the parameters passed in the parameter_name=parameter_value format and delimited by the ampersand (&).

How safe do you think this method is? Good thinking! Any of the parameters can be easily changed manually without even changing the form's source code. When developing scripts you should make it as hard as possible for hackers to manipulate parameters. For example, do not use the GET method to transmit passwords, because they can be easily intercepted.

Another problem with this method is its openness. Consider the password example again. When a user enters a password via this method, the password will be displayed in the browser's URL field. Anyone passing by at this time can see this password in there.

Full version | Tag: PHP Development | Date: 11/11/2009 7:39:22 PM
