Learning PHP and MySQL

Example 14-7 Detecting simple variable poisoning

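<?php
// Check each superglobal separately so the source of MAGIC_COOKIE is known.
if (isset($_COOKIE['MAGIC_COOKIE'])) {
    // MAGIC_COOKIE comes from a cookie.
    // Be sure to validate the cookie data!
} elseif (isset($_GET['MAGIC_COOKIE']) || isset($_POST['MAGIC_COOKIE'])) {
    // The name arrived via GET or POST instead of a cookie:
    // treat it as a poisoning attempt, alert the admin and stop.
    mail("admin@example.com", "Possible breakin attempt", $_SERVER['REMOTE_ADDR']);
    echo "Security violation, admin has been alerted.";
    exit;
} else {
    // MAGIC_COOKIE isn't set through this REQUEST
}
?>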

Posted by on 09/25 at 02:42 PM
