Oliver Kucharzewski

Reputation: 2645

Implement security in this application?

At the moment I am attempting to create an application that passes on data to delete a row in my database. This row will be known by the ID passed on by the HTML file to the JS.

Currently I have an HTML file, a JavaScript file and a PHP file which all work together to get this data passed in.

What I'm looking to do is secure it so no one unauthorised can just send data to the JavaScript document in order to delete the row.

HTML --> JS --> PHP

JS:

    function deleteListing(id) {
        var answer = confirm("Are you sure you want to delete this listing?");
        if (answer) {
            $.post("assets/scripts/deleteListing.php", {
                id: id
            },
            function (result) {
                var response = jQuery.parseJSON(result);
                if (response.available === true) {
                    location.reload();
                } else if (response.available === false) {
                    // alert("FAILURE DELETING USER");
                } else if (response.root === true) {
                    // alert("Cannot Delete Root User..");
                }
            });
        } else {
            return;
        }
    }

PHP:

    <?php
    require("../../../assets/config/config.php");
    $id_retrieve = $_POST['id'];
    $data = new stdClass();
    $sth = $dbh->prepare("SELECT * FROM listings WHERE id='" . $id_retrieve . "'");
    $sth->execute();
    $row = $sth->fetch();
    $data->available = true;
    $dbh->exec("DELETE FROM listings WHERE id = '" . $id_retrieve . "'");
    echo json_encode($data);
    ?>

Before anyone says the statement is not created using a prepared statement, I am aware of this and will fix it ASAP. Apart from that, is there any way I can secure the JavaScript file from unauthorised access, or could I limit it somehow?

Thanks!

Upvotes: 0

Views: 84

Answers (1)

Jeremy J Starcher

Reputation: 23863

There are a couple of solutions.

As @Tobias said above: Use sessions to handle the authentication. That will protect you some.

However, that alone doesn't stop Cross-Session attacks.

Take a look at this page: http://phpsec.org/projects/guide/2.html

It suggests putting a token value on the form and saving it in the session. That way, when the form is submitted you can compare the incoming token against the one in your session and verify that the form did, indeed, come from your site.

    <?php

    session_start();

    if (isset($_POST['message']))
    {
        if (isset($_SESSION['token']) && $_POST['token'] == $_SESSION['token'])
        {
            $message = htmlentities($_POST['message']);

            $fp = fopen('./messages.txt', 'a');
            fwrite($fp, "$message<br />");
            fclose($fp);
        }
    }

    $token = md5(uniqid(rand(), true));
    $_SESSION['token'] = $token;

    ?>

    <form method="POST">
    <input type="hidden" name="token" value="<?php echo $token; ?>" />
    <input type="text" name="message"><br />
    <input type="submit">
    </form>

    <?php

    readfile('./messages.txt');

    ?>

Upvotes: 1
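Putting the two pieces of advice together for the asker's actual endpoint (a logged-in session plus a per-session token that the delete request must echo back), here is what `deleteListing.php` could look like. This is an added example, not code from the question or the answer. It assumes the same setup as the question: `config.php` creates a PDO handle in `$dbh` and the table is `listings` with an integer `id` column. The `owner_id` column, the `$_SESSION['user_id']` field set at login, and the `token` POST field are assumptions introduced here to tie a listing to the account that owns it; the JS would post `{id: id, token: token}` with the token read from the rendered page.

```php
<?php
// Added example (not the asker's or answerer's code). Assumes config.php
// provides a PDO handle in $dbh, a `listings` table with an integer `id`,
// and, as further assumptions, an `owner_id` column and a login step that
// stores the user's id in $_SESSION['user_id'].
declare(strict_types=1);

session_start();
header('Content-Type: application/json');

// Send a JSON reply in the shape the question's JS already expects, then stop.
function reply(array $data, int $status = 200): void
{
    http_response_code($status);
    echo json_encode($data);
    exit;
}

// Issue (or reuse) a per-session CSRF token. The page that renders the delete
// button embeds this value so the JS can post it alongside the id.
// random_bytes() is used instead of md5(uniqid(rand(), true)), whose output
// is predictable.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// 1. Only accept POST: a state-changing GET URL can be triggered by an <img>
//    tag on any site the user visits.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    reply(['available' => false, 'error' => 'method'], 405);
}

// 2. Authentication: the session must belong to a logged-in user.
if (empty($_SESSION['user_id'])) {
    reply(['available' => false, 'error' => 'unauthenticated'], 401);
}

// 3. CSRF: the posted token must match the one held in the session.
//    hash_equals() avoids both loose == comparison and timing differences.
$posted = $_POST['token'] ?? '';
if (!is_string($posted) || !hash_equals(csrf_token(), $posted)) {
    reply(['available' => false, 'error' => 'csrf'], 403);
}

// 4. Input validation: the id must be a positive integer (rejects arrays,
//    empty strings and anything non-numeric before it reaches SQL).
$id = filter_var(
    $_POST['id'] ?? null,
    FILTER_VALIDATE_INT,
    ['options' => ['min_range' => 1]]
);
if ($id === false) {
    reply(['available' => false, 'error' => 'bad id'], 400);
}

require __DIR__ . '/../../../assets/config/config.php'; // provides $dbh (PDO)

// 5. Authorization and a real prepared statement: bind the id instead of
//    concatenating it, and delete only a row this user owns, so one
//    authenticated user cannot delete another user's listing by guessing ids.
$stmt = $dbh->prepare(
    'DELETE FROM listings WHERE id = :id AND owner_id = :owner'
);
$stmt->execute([':id' => $id, ':owner' => (int) $_SESSION['user_id']]);

// `available` is true only when exactly one row was removed.
reply(['available' => $stmt->rowCount() === 1]);
```

The checks are ordered cheapest-first and each one fails closed: method, then session, then token, then input, and only then does the request touch the database. Note that none of this "protects the JavaScript file" itself; the JS is public by nature, and what matters is that the PHP endpoint refuses any request that is not a POST from an authenticated session carrying the session's own token.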
