Puisque cette question concerne la sécurité.
N'utilisez pas la bibliothèque mysql_*. Il est extrêmement vulnérable à l'injection sql, en particulier la façon dont vous l'utilisez. Et c'est obsolète.
Supposons que je passe [email protected]
Dans votre code
$domain = $emailsep[1]; // will equal "gmail.com"
Maintenant, disons que je l'injecte avec l'injection sql, car en passant [email protected] est plutôt ennuyeux, n'est-ce pas.
Je vais beaucoup m'amuser dans cette ligne de code qui suit :
$domaincheck = mysql_query("SELECT * FROM xxxxxxx WHERE domain = '$domain'", $link);
Et utilisez mysqli ou pdo comme prescrit par ces médecins.
Modifier :
revenons maintenant à la question que vous aviez en tête
un fichier php
<?php
date_default_timezone_set('America/New_York'); // required something here else exception below
//error_reporting(E_ALL);
//ini_set("display_errors", 1);
//require '1error_2shutdown_3log.php'; // 1. err hndlr, 2. shutdown hndlr, 3. log it somehow
$b='<br/n>'; // great name huh ?
$b2='<br/n><br/n>'; // great name huh ?
echo "The time is " . date("h:i:sa").$b;
echo "s01".$b;
try {
echo "s02".$b."--------------------------------------------------------------------------".$b;
//$email = $_POST['emailreg'];
//$firstna = $_POST['firstna'];
//$surna = $_POST['surna'];
//$password = $_POST['passreg'];
//$passconfirm = $_POST['passconfirm'];
//$userpass = $email . $password;
//$emailsep = explode("@", $email);
//$domain = $emailsep[1];
$email = "[email protected]";
$firstna = "Drew";
$surna = "Pierce";
$password = "secure";
$passconfirm = "secure";
$userpass = $email . $password;
$emailsep = explode("@", $email);
$domain = $emailsep[1];
$key = md5('united'); // don't use md5
$salt = md5('united'); // don't use md5
function encrypt($string, $key) {
$b='<br/n>'; // great name huh ?
$b2='<br/n><br/n>'; // great name huh ?
# come up with a good key, beyond the scope of this Question
$key = pack('H*', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3"); #32 bytes
$key_size = strlen($key);
echo "Key size: " . $key_size . $b; # 32, big surprise
# create a random IV to use with CBC encoding
# yes each time
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); // using ECB cuz u were
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
echo "in encrypt() passed <b>",$string,"</b> and <b>",$key.'</b>'.$b;
$rawEncrypted=mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $string, MCRYPT_MODE_ECB,$iv);
# prepend the IV for it to be available for decryption
$rawEncrypted = $iv . $rawEncrypted;
$b64Encrypted= base64_encode($rawEncrypted); # <------- RIGHT HERE WE ARE DONE
# basically we are done encrypting, could just return $b64Encrypted and be done with it
# but no
#########################################################################
# lifted from manual page btw: http://php.net/manual/en/function.mcrypt-encrypt.php
# do an assert that you can decrypt for a sanity check
$ciphertext_dec = base64_decode($b64Encrypted);
# retrieves the IV, iv_size should be created using mcrypt_get_iv_size()
$iv_dec = substr($ciphertext_dec, 0, $iv_size);
# retrieves the cipher text (everything except the $iv_size in the front)
$ciphertext_dec = substr($ciphertext_dec, $iv_size);
# may remove 00h valued characters from end of plain text
$plaintext_dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $ciphertext_dec, MCRYPT_MODE_ECB, $iv_dec);
echo "Assert ... plaintext= ".$plaintext_dec .$b;
// a real Assert would make it explode, but you get the idea
#########################################################################
echo "leaving encrypt() with ",$b64Encrypted.$b2;
return $b64Encrypted;
}
echo "about to connect ...".$b;
$link = mysql_connect('localhost', 'GuySmiley', 'mongoose');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db("so_gibberish", $link);
$domaincheck = mysql_query("SELECT * FROM t1 WHERE domain = '$domain'", $link);
if($domaincheck === FALSE) {
die(mysql_error());
}
//echo "encrypt returns: ".encrypt($email, $key).$b;
$emailcheck = mysql_query("SELECT * FROM t2 WHERE studentemail = '".encrypt($email, $key)."'", $link);
if($emailcheck === FALSE) {
die(mysql_error());
}
$dorow = mysql_fetch_array($domaincheck);
$emailrow = mysql_fetch_array($emailcheck);
// the below will explode, I don't have them, changed to echo
if ($password == '') {
$cause = 'Password Blank'; echo 'error.php'.$b;
}elseif ($passconfirm =='') {
$cause = 'Password Blank'; echo 'error.php'.$b;
}elseif ($password != $passconfirm) {
$cause = 'Password Mismatch'; echo 'error.php'.$b;
}elseif ($dorow['domain'] != $domain) {
$cause = 'Incorrect Domain'; echo 'error.php'.$b;
}elseif ($emailrow['studentemail'] != '') {
$cause = 'User Already Exists'; echo 'error.php'.$b;
}
//elseif ($dorow['licensecount'] > $dorow['licensemax']) { # commented out cuz I dont have this table
//$cause = 'Insufficient Licences'; echo 'error.php'.$b;
//}else {
//}
function hashword($string, $salt){
$b='<br/n>'; // great name huh ?
echo "in hashword()".$b;
$string = crypt($string, '$1$' . $salt . '$');
return $string;
}
echo "s10".$b;
$userpass = hashword($userpass, $salt);
echo "s11".$b;
echo $userpass.$b;
$hash = md5( rand(0,1000) ); // don't use md5, get a good RNG (random # generator)
echo "s12".$b;
$sql="INSERT INTO `xxxxxxx`.`xxxxxxx`
(`hash`, `studentemail`, `studentfirstname`, `studentsurname`,
`oscopetutcount`, `siggentutcount`, `mmetertutcount`, `lprobetutcount`,
`psupplytutcount`, `oscopetest`, `siggentest`, `mmetertest`, `lprobetest`,
`psupplytest`, `exam`, `userpass`, `ID`, `domain`, `licensecount`,
`licensemax`, `licenceexpire`)
VALUES ('$hash', '".encrypt($email, $key)."', '".encrypt($firstna, $key)."',
'".encrypt($surna, $key)."', '0', '0', '0', '0', '0', '0', '0', '0', '0',
'0', '0', '$userpass', NULL, '', '0', '', NULL)";
echo $sql.$b;
//$result = mysql_query($sql, $link);
//$licenceadd = mysql_query("UPDATE xxxxxxx.xxxxxxx SET licensecount = licensecount +1 WHERE domain = '$domain'", $link);
//if($result === FALSE) {
// die(mysql_error());
//}
//if($licenceadd === FALSE) {
// die(mysql_error());
//}
//include 'email.php';
echo "near bottom".$b;
mysql_close($link);
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), $b;
} finally {
echo $b."--------------------------------------------------------------------------".$b."First finally".$b;
}
?>
Schéma qui était en ligne lorsque j'ai exécuté ceci
create table t1
( id int auto_increment primary key,
domain varchar(100) not null,
key(domain)
);
insert t1(domain) values ('gmail.com'),('yahoo.com'),('ibm.com');
-- drop table t2;
create table t2
( id int auto_increment primary key,
fullName varchar(80) not null,
studentemail varchar(1000) not null
-- key(studentemail)
);
-- truncate table t2;
insert t2(fullName,studentemail) values ('Drew Pierce','who-knows');
La sortie d'écran :
The time is 06:25:20pm
s01
s02
--------------------------------------------------------------------------
about to connect ...
*** begin myLogger function ***
lvl: 8192 | msg:mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead | file:C:\Apache24\htdocs\causes_parse_error.php | ln:82
warn
*** end myLogger function ***
Key size: 32
in encrypt() passed [email protected] and ��K~:صGc��U��)���^A~/�*�
Assert ... plaintext= [email protected]
leaving encrypt() with 7n7aTyDo4E4WvtDseUcSM3JMjKipFalVRWhPwu6P5vUdYjN9btNNPo1qlOxB+TKtwfCCr/2ctTCNPxrdVz5Egg==
error.php
s10
in hashword()
s11
$1$3db1a73a$i5Pb3o2s6tV4uWDivvmLA1
s12
Key size: 32
in encrypt() passed [email protected] and ��K~:صGc��U��)���^A~/�*�
Assert ... plaintext= [email protected]
leaving encrypt() with uXCKvAUVuBcoPxIbqpbfMZRD50Bu7XSwP75MapBct9UdYjN9btNNPo1qlOxB+TKtwfCCr/2ctTCNPxrdVz5Egg==
Key size: 32
in encrypt() passed Drew and ��K~:صGc��U��)���^A~/�*�
Assert ... plaintext= Drew
leaving encrypt() with 61B1AJtpaK7hx0bFSBNXr9Z0ZFIUkrQXCZcQ5D4pvySzLFfIEEB/2r2FvCLZMobUd3jWRIiyFSfLy4/qTXsT5w==
Key size: 32
in encrypt() passed Pierce and ��K~:صGc��U��)���^A~/�*�
Assert ... plaintext= Pierce
leaving encrypt() with /JFBohEe96R7sFnQxu+ujvgFv8WZl9Pdss+zv8tVptJk2xrZH8Pb3xjfGmWGH92W/h4aeWrPS8ICEIojKtYrgw==
INSERT INTO `xxxxxxx`.`xxxxxxx` (`hash`, `studentemail`, `studentfirstname`, `studentsurname`, `oscopetutcount`, `siggentutcount`, `mmetertutcount`, `lprobetutcount`, `psupplytutcount`, `oscopetest`, `siggentest`, `mmetertest`, `lprobetest`, `psupplytest`, `exam`, `userpass`, `ID`, `domain`, `licensecount`, `licensemax`, `licenceexpire`) VALUES ('a96b65a721e561e1e3de768ac819ffbb', 'uXCKvAUVuBcoPxIbqpbfMZRD50Bu7XSwP75MapBct9UdYjN9btNNPo1qlOxB+TKtwfCCr/2ctTCNPxrdVz5Egg==', '61B1AJtpaK7hx0bFSBNXr9Z0ZFIUkrQXCZcQ5D4pvySzLFfIEEB/2r2FvCLZMobUd3jWRIiyFSfLy4/qTXsT5w==', '/JFBohEe96R7sFnQxu+ujvgFv8WZl9Pdss+zv8tVptJk2xrZH8Pb3xjfGmWGH92W/h4aeWrPS8ICEIojKtYrgw==', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '$1$3db1a73a$i5Pb3o2s6tV4uWDivvmLA1', NULL, '', '0', '', NULL)
near bottom
--------------------------------------------------------------------------
First finally
Fondamentalement, je suis satisfait de la façon dont les ASSERTS sortent, avec les IV intégrés (vecteurs d'initialisation).
Écrire dans la base de données n'était pas le problème avec cette question, comme vous pouvez voir un commentaire sur cette zone. Il s'agissait plutôt d'une question de chiffrement/déchiffrement.
Le destinataire du texte chiffré peut le déchiffrer car le IV est ajouté au début, et il aura la clé. S'ils n'ont pas la clé, tant pis.
Bonne chance ! Et changez cette bibliothèque en ... comme ... PDO !
