Secure Hash Algorithm 1 is also known as sha1, and Md5 stands for Message Digest 5. Both of them are employed to encrypt strings. It takes time to decrypt a string once it has been encrypted. When storing passwords in the database, Md5 and sha1 are very helpful. We’ll talk about PHP Security Function today.
What security features does PHP offer?
- An illustration of PHP security functions
- What is Covered in This PHP Security Tutorial?
- Keep PHP updated.
- Site-to-site scripting (XSS).
- Attacks using SQL Injection.
- counterfeit cross-site requests XSRF/CSRF.
- Stealing a session.
- Files can be hidden from the browser.
- Upload files safely.
- Use HTTPs SSL certificates.
What is security in PHP?
Since PHP is so widely used, PHP security is crucial and there are many PHP applications that are weak. The majority of PHP web applications incorporate scripts or pieces of code from other web applications. All the applications using the shared piece of code are also vulnerable if that vulnerability is discovered.
Potential security threats:
Basically, there are two types of people who can attack your system.
- Hackers: people who want to access unauthorized data or cause the application to malfunction.
- Users: they might mistakenly enter incorrect information in forms, which could harm a website or web application.
The types of attacks that we should watch out for are as follows.
In this kind of attack, malicious code is appended to SQL statements.
Either user input forms or URLs with variables are used for this.
The condition in the WHERE clause of a SQL statement is commented in the appended code. The code at the end can also;
- Add a condition that is true no matter what.
- a table’s data can be deleted.
- correct information in a table.
- Typically, this kind of attack is used to access an application without authorization.
- Obtain private information, such as cookie information.
- send the user to an alternative URL.
- PHP code injection, shell injection, email injection, script source code disclosure, and other threats are possible.
Best practices for securing PHP applications, given below:
This feature is helpful in defending our applications against threats like cross-site scripting.
<?php $user_input = "site GeektoCode"; echo "<h4>My System</h4>"; echo $user_input; ?>
Browse to the URL after saving secure.php to the htdocs folder: http://localhost/htdocs/secure.php
OUTPUT: My System site GeektoCode
Consider that you were given the following as user input <script>alert(‘I hate your website.!’);</script>
<?php $user_input = "<script>alert(' I hate your website.!');</script>"; echo "<h4>My Commenting System</h4>"; echo $user_input; ?>
Browse to the URL http://localhost/htdocs/secure.php
Let’s now use the strip_tags function to protect our application from such attacks.
<?php $user_input = "<script>alert('I hate your website.!');</script>"; echo "<h4>MySystem</h4>"; echo strip_tags($user_input); ?>
Browse to the URL http://localhost/htdocs/secure.php
OUTPUT: MySystem alert('I hate your website.!');
PHP filter_var function
Data validation and sanitization are done with the filter_var function.
Validation determines whether the data is the appropriate type. When a string is subjected to numeric validation, a false result is produced.
An illegal character is sanitized out of a string.
For a complete reference on filter_var, visit this link.
The commenting system is covered by the code.
Tags are stripped using the filter_var function and the FILTER_SANITIZE_STRIPPED constant.
<?php $user_input = "<script>alert(' I hate your website.!');</script>"; echo filter_var($user_input, FILTER_SANITIZE_STRIPPED); ?>
OUTPUT: alert(' I hate your website.!');
the function mysqli_real_escape_string An application is shielded from SQL injection using this function.
Assume we have the SQL statement listed below to validate the user ID and password.
<?php SELECT uid,pwd,role FROM users WHERE uid = 'admin' AND password = 'pass'; ?>
The user id text box accepts the following code when entered by a malicious user. “Enter Geek123 in the password text box OR 1 = 1.” Let’s programme the authentication module.
<?php $uid = "' OR 1 = 1 -- "; $pwd = "Geek123"; $sql = "SELECT uid,pwd,role FROM users WHERE uid = '$uid' AND password = '$pwd';"; echo $sql; ?>
The final outcome will be
SELECT uid,pwd,role FROM users WHERE uid = '' OR 1 = 1 -- ' AND password = '1234';
The above query will produce a list of all users. Now let’s secure our login module using the mysqli_real_escape_string function.
<?php $uid = mysqli_real_escape_string("' OR 1 = 1 -- "); $pwd = mysqli_real_escape_string("Geek123"); $sql = "SELECT uid,pwd,role FROM users WHERE uid = '$uid' AND password = '$pwd';"; echo $sql; ?>
The code above will produce: SELECT uid,pwd,role FROM users WHERE uid = '\' OR 1 = 1 -- ' AND password = 'Geek123';
For our benefit, the second single quote has been escaped; it will be regarded as a component of the user id and the password won’t be commented.
PHP Md5 and PHP sha1
Secure Hash Algorithm 1 is also known as sha1, while Message Digest 5 is referred to as Md5.
Both of them are employed to encrypt strings.
It takes time to decrypt a string once it has been encrypted.
When storing passwords in the database, Md5 and sha1 are very helpful.
Md5 and sha1 are implemented in the code below.
<?php echo "MD5 Hash: " . md5("password"); echo "SHA1 Hash: " . sha1("password"); ?>
OUTPUT: MD5 Hash:5feesdvfed46gdjf98tftqwmj SHA1 Hash: 5f5s7666fed6t46gdjf98t7dfhsd5adshv
As you can see from the hashes above, even if an attacker managed to access your database, they wouldn’t be able to log in because they wouldn’t know the passwords.