Poison Null Protection

ghost

0 0

16 years ago

Ok well I know it sounds like a noobish and simple question, but I'm looking for a simple way to prevent null byte injections in PHP.

I have looked around a little but I keep finding ways to exploit it rather than fix it.

clone4

Perl-6 Wisdom Seeker

0 0

16 years ago

Sry not to give you help directly, but I don't know php very well… Anyway I googled string "prevent php null byte injections" without quotes and it returned some interesting I'd useful documents

ghost

0 0

16 years ago

http://www.hackits.de/forum/thread.php?threadid=2052&sid=c0f877cb07d1426fed17d45f341ef29f

The author used a switch case statement that uses pages that are already there as cases and if the user tries to input a page that is not there already, then it goes to the index.php as a default.

Mr_Cheese

0 1

16 years ago

a switch is deffinatly the way to go about it.

it's a long winded way of doing things, but by far the most secure.

example:

switch($_GET[&#39;page&#39;]){

case &#39;home&#39;:
  include &quot;home.php&quot;;
break;

case &#39;contact&#39;:
 include &quot;contact.php&quot;;
break;

default:
 include &quot;home.php&quot;;

}```

Uh oh. Looks like your using an ad blocker.

ghost

clone4

ghost

Mr_Cheese