Jump to content
  • Advertisement
Sign in to follow this  
  • entries
  • comments
  • views


Sign in to follow this  


Here's a PHP snafu for you to avoid. A friend of mine made a site for someone and used PHP for the job. I decided to check the site out today and what did I discover? A security hole! Oh noes. It was really no fault of my friend, just oversight.

REGISTER_GLOBALS was apparently turned on and he used session IDs. In various places on the site he was getting user Ids and whatnot for the current session.

If you had an account and were signed in and knew a user ID, you could go their profile and it would set the current session to their profile ID, when you went to "My Account" you had access to all of the OTHER persons info. This included the ability to change passwords and e-mail and whatnot. Not cool. Luckily the site has only been live for a day so it's doubtful anyone else has discovered it. The server he had to use was a shared server, so he couldn't really change the settings, but he had a workaround by changing the variable names.
Sign in to follow this  

1 Comment

Recommended Comments

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Advertisement

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

GameDev.net is your game development community. Create an account for your GameDev Portfolio and participate in the largest developer community in the games industry.

Sign me up!