Rewriting URL and attacks

Hi,

I use mod_rewrite for URL rewriting, and get the different address sections with preg_match:
This approach itself brings security in some cases.

preg_match('#^/(\d+)/(\d+)/([^/]+)$#', $path, $matches)

The third section is open to all non-numeric characters.
Is MySQL injection or an attack on the browser client possible?
Is there a way to clean it for better security? (I mean $matches[3])
Thanks

Your SQL should be prepared/escaped at the point where you create the query itself, regardless of whether you rewrite URLs or not. So no, URL rewriting is not the cause of, nor the appropriate solution to, SQL injection.

Thanks,

I use $matches[3] to show the article title in the URL and do not have any query based on $_get $matches[3]. Is it a risk? The other queries are prepared.

If $_get $matches[3] can be anything, I think you had best do some validation / sanitization with it before it gets near your query.

Thanks,

To ask explicitly: can a complete query for drop or delete be sent via this parameter ($_get $matches[3])?

I use $matches[3] to show the article title in the URL and do not have any query based on $_get $matches[3].
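The points raised in the replies above, as an added example that is not code from any poster in this thread: the pattern's third group accepts quotes, semicolons and angle brackets, so the slug is allow-listed, only ever bound as a prepared-statement parameter, and HTML-escaped on output. The `articles` table, the `handle()` function, the slug rule and the sample paths are assumptions made for illustration; the in-memory database needs the pdo_sqlite extension.

```php
<?php
// Constructed sample paths: a normal slug, an SQL-looking one, an HTML-looking one.
// All three match the thread's pattern, because [^/]+ only excludes "/".
$paths = [
    '/12/34/my-first-article',
    "/12/34/x'; DROP TABLE articles; --",
    '/12/34/<em>injected',
];

// Constructed in-memory table so the example runs offline (hypothetical schema).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE articles (section INTEGER, id INTEGER, slug TEXT, title TEXT)');
$pdo->exec("INSERT INTO articles VALUES (12, 34, 'my-first-article', 'My <first> article')");

function handle(PDO $pdo, string $path): string
{
    // The thread's pattern: groups 1 and 2 are digits only, group 3 is anything but "/".
    if (!preg_match('#^/(\d+)/(\d+)/([^/]+)$#', $path, $m)) {
        return '404 (no route)';
    }
    // Validation: allow-list the slug (lowercase words joined by hyphens, bounded length).
    if (strlen($m[3]) > 100 || !preg_match('/^[a-z0-9]+(?:-[a-z0-9]+)*$/D', $m[3])) {
        // Escape before echoing the rejected value back to the browser.
        return '404 (rejected slug: ' . htmlspecialchars($m[3], ENT_QUOTES, 'UTF-8') . ')';
    }
    // SQL safety comes from parameter binding, not from the rewrite rule or the regex.
    $stmt = $pdo->prepare(
        'SELECT title FROM articles WHERE section = ? AND id = ? AND slug = ?'
    );
    $stmt->execute([(int) $m[1], (int) $m[2], $m[3]]);
    $title = $stmt->fetchColumn();
    if ($title === false) {
        return '404 (no such article)';
    }
    // Output escaping protects the browser, whatever the stored title contains.
    return '<h1>' . htmlspecialchars($title, ENT_QUOTES, 'UTF-8') . '</h1>';
}

foreach ($paths as $p) {
    echo handle($pdo, $p), PHP_EOL;
}
```

Only the first path reaches the database; the other two are rejected by the slug check and printed with their special characters escaped.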
