Is it secure to make MySQL queries using cookie values? [closed]

-1

Hello, I made the system below, which works, but I'm not sure it's safe to use; I want to make sure it's safer, or at least try to make it so. I'm using a function that only reads numbers into MySQL, but I'm still a beginner and would like a second opinion about it.

Can anyone tell me if it's safe, or is there something else I should make sure of?

Code:

$id = $_COOKIE["id"] ?? ""; // cookie name
$novoId = "$cont[id]"; // new id (from a $cont row fetched earlier, not shown); example value "1,2,3,4": the new value is appended after a comma

// preg_quote so the id is matched literally and not interpreted as a regex pattern
if (!preg_match("/\b" . preg_quote($novoId, "/") . "\b/", $id)) {
    $id .= "{$novoId},";
    setcookie("id", $id);
}

$historico = explode(",", $id);

$histanime = array_filter($historico, function($value) {
    /* Keeps only the numeric values */
    return is_numeric($value);
});

// keep only the 30 most recent entries
if (($quantidade = count($histanime)) > 30) {
    $histanime = array_slice($histanime, $quantidade - 30, 30);
}

$ids5 = implode(",", $histanime);

and the MySQL query is done with a while loop:

// backticks: 'lista' in single quotes would be a string literal, not the table name
$cont = mysql_query("SELECT title,titulo2,url,imagen FROM `lista` WHERE aid IN($ids5)");
while (list($title, $titulo2, $url, $Imagen) = mysql_fetch_array($cont)) {
    // loop body not shown in the question
}
    
asked by anonymous 26.02.2018 / 14:04

1 answer

1

First, functions with the mysql_ prefix are deprecated and have been removed in PHP 7; to make sure your code keeps working, use PDO or MySQLi.

As for the security of using cookies: it is the same level of security as doing it via POST and GET. Any user can change the values and try a SQL injection attack. The problem is not whether it's COOKIE, POST or GET; what matters is that you make sure the passed values do not contain unexpected data.

The way you did it only lets the numeric values through:

$histanime = array_filter($historico, function($value) {
    /* Keeps only the numeric values */
    return is_numeric($value);
});

which probably already guarantees some security. So the origin does not matter; what matters is the treatment you give to that data.

People think that security flaws are exclusively linked to data being in a cookie, GET or POST; there are people who believe that POST is safer, which is a mistake. Anyone who knows a little HTTP can use a tool like wget or curl to try to attack your server, so what's important to address is:

  • data processing (what you've done)
  • carefully review the code
  • use modern APIs
  • if possible, use bindParam (or bindValue)
26.02.2018 / 14:15
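The following is an added example, not code from the asker or the answerer, showing the two points above combined: the cookie history is reduced to plain integers before it is used, and the `IN (...)` query is run through PDO with one bound placeholder per id instead of string interpolation. It assumes a PDO connection in `$pdo`, a table `lista` with an integer column `aid`, the current item id in `$novoId`, the cookie name `id` from the question, and PHP 7.3 or newer for the options array of `setcookie()`; the function names are hypothetical.

```php
<?php
// Added example (not the question's or answer's code). Assumes: $pdo (PDO),
// table `lista` with integer column `aid`, current item id in $novoId,
// cookie "id" as in the question, PHP >= 7.3 for setcookie() options.

/**
 * Parse the history cookie into at most $max distinct integers.
 * Only plain digit strings survive: ctype_digit rejects what is_numeric
 * would accept ("1e3", "0x1A", " 12", "1.5"), so the result can never
 * carry anything but integers, whatever the client put in the cookie.
 */
function parseHistory(string $cookie, int $max = 30): array
{
    $ids = [];
    foreach (explode(',', $cookie) as $part) {
        $part = trim($part);
        if ($part !== '' && ctype_digit($part)) {
            $ids[] = (int) $part;
        }
    }
    $ids = array_values(array_unique($ids));
    return array_slice($ids, -$max);  // keep the $max most recent
}

/** Append $newId once, keeping the list at most $max long. */
function appendToHistory(array $ids, int $newId, int $max = 30): array
{
    if (!in_array($newId, $ids, true)) {
        $ids[] = $newId;
    }
    return array_slice($ids, -$max);
}

/**
 * Fetch rows for the given ids with a prepared statement. One "?" is
 * generated per id, and each value is bound as an integer, so the ids
 * never become part of the SQL text.
 */
function fetchByIds(PDO $pdo, array $ids): array
{
    if ($ids === []) {
        return [];  // "IN ()" is a syntax error in MySQL; skip the query
    }
    $placeholders = implode(',', array_fill(0, count($ids), '?'));
    $sql = "SELECT title, titulo2, url, imagen FROM `lista` WHERE aid IN ($placeholders)";
    $stmt = $pdo->prepare($sql);
    foreach ($ids as $i => $id) {
        $stmt->bindValue($i + 1, $id, PDO::PARAM_INT);  // positional, 1-based
    }
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Usage (assumes $pdo and $novoId already exist):
$history = parseHistory($_COOKIE['id'] ?? '');
$history = appendToHistory($history, (int) $novoId);
setcookie('id', implode(',', $history), [
    'path'     => '/',
    'httponly' => true,   // not readable from page scripts
    'samesite' => 'Lax',
]);
foreach (fetchByIds($pdo, $history) as $row) {
    // $row['title'], $row['titulo2'], $row['url'], $row['imagen']
}
```

Two design points: the cookie is still untrusted input (any client can rewrite it), so `parseHistory` treats it as such and the cookie only ever stores what that function would accept again; and the `IN` list is built from placeholders rather than from the values, which is the `bindValue` approach the answer recommends, applied to a variable number of ids.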