安全性 - SQL [英] Security - SQL

问题描述

嘿，下面是一个处理登录脚本的页面，我想知道我是否有任何安全漏洞.我一直在阅读有关防止注入和其他方面的文章，并希望确保我的代码是安全的.

Hey, below is a page that handles a login script and I am wondering if I have put it any security holes. I have been reading articles on protecting from injections and others and wanted to make sure that my code is secure.

通过ajax提交，根据登录正确与否返回JSON.

It is submitted via ajax and returns JSON based on the login being correct or not.

<?php
ob_start();
session_start();
include ("config.inc.php");
include ("jsonEncode.php");

// ausername and apassword sent from form
$ausername = '';
$apassword = '';
$ausername = mysql_real_escape_string(stripslashes($_GET['username']));
$apassword = mysql_real_escape_string(stripslashes($_GET['password']));

$sql    = "SELECT * FROM admin WHERE ausername='$ausername' AND apassword='$apassword' LIMIT 1";
$result = mysql_query($sql) or die(mysql_error());

$data   = mysql_fetch_array($result);
$count  = mysql_num_rows($result);

if($count==1){
    $_SESSION['ausername'] = $ausername;
    $_SESSION['apassword'] = $apassword;
    $_SESSION['admin_id']  = $data['a_id'];
    $a_id = $data['a_id'];
    $_SESSION['LastLogin'] = $data['last_login'];
    $query = "UPDATE admin SET last_login = Now() WHERE `a_id`= $a_id";
    mysql_query($query);
    //echo $query;
    $_SESSION['aloggedin'] = "1234";
    // valid
    $var = array('avalid' => 1, 'ausername' => $ausername, 'apassword' => $apassword);
    print php_json_encode($var);
}else{
    // invalid
    $var = array('avalid' => 0, 'ausername' => $ausername, 'apassword' => $apassword);
    print php_json_encode($var);
}
?>

推荐答案

您可能希望在登录表单中使用 POST 方法而不是 GET，否则他们的密码将出现在 URL 中并且 URL 不是很安全(它们例如，可能会被添加书签或作为推荐 URL 发送到另一台服务器).

You might want to use the POST method rather than GET with the login form, otherwise their password will appear in the URL and URLs aren't very secure (they might get bookmarked or sent to another server as a referral URL, for example).

这篇关于安全性 - SQL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！