Recently, I've been working on a blog system for my website, <a href='http://www.64digits.com/octopus'>Octopus's Garden</a>. The system uses MySql for comments, users, and blogs, unlike the current site's system, which reads information from text files. I've read a little bit about the security issues of MySql, but I'm still not sure exactly how to fix them. Here are some of my questions:
<b>I.</b> How does one deal safely with the password used to connect to MySql. Is the following insecure within a PHP file?$db_host = 'host';$db_user = 'username';$db_password = 'password';$db_name = 'database';mysql_connect($db_host,$db_user,$db_password);-Would it be possible for a hacker to access the raw PHP source? If so, where would the password be stored. -Is it possible for the transfer between this PHP script and MySql to be intercepted? If so, is the password automatically encrypted, or should I encrypt it somehow?<b>II.</b> How does one screen user inputs so that they do not interfere with the MySql structure. Is there an equivalent of strip_tags() or must one use some sort of index system to replace possibly dangerous user data?[Answered, thanks to melee-master:http://us2.php.net/manual/en/function.mysql-real-escape-string.php]<b>III.</b>How does one deal with user passwords:-Are the passwords sent in an encrypted form when they are sent using < input type='password'>?-How does one encrypt user passwords to be placed in the MySql Database? I'd probably be able to figure this out, but if someone wants to tell me…<b>IV.</b> I'm using cookies to store a person's login status. How should this be made secure? By inserting an encrypted password and checking it on each page?If you have any other insight about Securing such a system, please give it. Thanks.-Mooselumph
II:
mysql_real_escape_string(string);Thanks, melee.
Heh, no problem.
III: md5() on the password strings when first saving the password, then again when checking it.
@Melee-Master:
I found this warning: "Be sure that your application remains secure if a user enters something like “; DROP DATABASE mysql;â€?. This is an extreme example, but large security leaks and data loss might occur as a result of hackers using similar techniques, if you do not prepare for them."It doesn't look like mysql_real_escape_string() protects against that. Does it?@flashback: Wow, I thought it was more complicated than that. I guess it's probably horribly complicated above the interface level.Keeping your database details in PHP file is usually how they do it, it's safe aslong as you don't leave it open to attack.
Adding on to what Flashback said, MD5 is a hashing algorithm, they're used to make a 'fingerprint' of data. You cannot turn hashes back into the original passwords, so that's why they're used. You may also want to check out SHA-1 and SHA-256 as they are considerably stronger.Store login status using the sessions system built into PHP. Never store passwords in cookies.I: no.
II: okay, answered.II: as long as the code is within that file. (dont use $_GET)IV: dont know.