12-06-2007, 03:13 AM   #1
trmbne2000
Application Error Secure AJAX Server Scripts

Hi,

I'm building an information portal using AJAX. However, I have a concern about the security of the server-side scripts that perform the AJAX operations. They are secured using sprintf(), so I'm not concerned about SQL injection. However, I am afraid of someone creating a form, posting vars to 'ajaxServer.php' (fictional) and passing in arguments to do things they shouldn't. For example, here is a sample ajaxServer.php:
Code:
include("databasestuff.php");
// $_POST is always set, so isset() never fires; empty() is the check intended here
if (empty($_POST)) {
    // can't call the page directly
    echo "this script cannot be called directly";
    exit();
}
switch ($_POST["a"]) {
    case "close":
        // delete a given module from the user's page
        $sql = sprintf("DELETE FROM `User_Module_Setup` WHERE `mod_id` = '%u' AND `User_ID` = '%u' LIMIT 1",
                       $_POST["i"], $_POST["u"]);
        mysql_query($sql);
        break;
    ...
} //switch
That example would remove a particular module ($_POST["i"]) from a user's ($_POST["u"]) page. Is there any way to secure the AJAX script against a foreign post? I've already tried session IDs, but the ID is different in the app and when ajaxServer is called.

Thanks,
Trmbne2000
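A hardened version of the endpoint above, added here as an example and not the poster's own code: the user id comes from the server-side session instead of $_POST["u"], a per-session anti-forgery token must be echoed back by the requesting page, and the query uses a prepared statement. It assumes PHP 7 or later, that databasestuff.php exposes a PDO connection as $pdo, that login stores the id in $_SESSION['user_id'], and that the portal page sends the token as POST field 't' (all of these names are assumptions).

```php
<?php
// Added example (not the poster's code): a hardened ajaxServer.php for PHP 7+.
// Assumptions: databasestuff.php provides a PDO connection in $pdo, login
// stores the user's id in $_SESSION['user_id'], and the portal page sends
// the session's csrf_token as POST field 't' with every XMLHttpRequest.
include("databasestuff.php");
// Same session_start() on the portal page and here: the browser's session
// cookie is sent with same-origin XHR, so both resolve to one session id.
session_start();
// Issue the per-session token once; the portal page embeds it (hidden
// field or JS variable) so that legitimate requests can echo it back.
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
function deny($msg) {
    http_response_code(403);
    echo $msg;
    exit();
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    deny("POST only");
}
// 1. Identity comes from the session, never from a POST variable like "u".
if (empty($_SESSION['user_id'])) {
    deny("not logged in");
}
$userId = (int) $_SESSION['user_id'];
// 2. A foreign form cannot read this session's token, so it cannot match it.
$token = $_POST['t'] ?? '';
if (!is_string($token) || !hash_equals($_SESSION['csrf_token'], $token)) {
    deny("invalid request token");
}
// 3. Validate the module id as a positive integer before it reaches SQL.
$modId = filter_input(INPUT_POST, 'i', FILTER_VALIDATE_INT,
                      ['options' => ['min_range' => 1]]);
if (!$modId) {
    deny("bad module id");
}
switch ($_POST['a'] ?? '') {
    case "close":
        // 4. Prepared statement; the User_ID condition scopes the delete to
        //    rows owned by the authenticated user, whatever "u" would claim.
        $stmt = $pdo->prepare("DELETE FROM `User_Module_Setup` "
                            . "WHERE `mod_id` = ? AND `User_ID` = ? LIMIT 1");
        $stmt->execute([$modId, $userId]);
        echo $stmt->rowCount() === 1 ? "ok" : "nothing removed";
        break;
    default:
        deny("unknown action");
}
```

The "different session ID" symptom described in the post is commonly caused by the endpoint never calling session_start(), or by the XMLHttpRequest going to a different host or path than the one the session cookie was set for, so checking those two points first is worthwhile.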