Safely deleting a db record with php

Hi,
I hope I'm not OT.

I have the following issue:
I want to delete a record from my db with a php script. Let's say I'm auth'd
and I want to delete the record id 440. With a simple form (get or post), I
send the id to my script and delete the record (DELETE FROM table WHERE
id=some_validated_input).

The problem is if I'm a nasty guy I just write my own form and delete any
record I want (since I'm auth'd) by just sending another id.

Is there any way to make arbitrary record deletion non-trivial in php? I'm
thinking about a hash function to replace the real db id (DELETE FROM table
WHERE record_hash=validated_form_hash), if possible without adding an
awful lot of server side computation.

How do you guys deal with that kind of situation?

Thanks,
--
MaXX

Apr 19 '06 #1
You should have more detailed authorization - not only auth'd/
non-auth'd, but every user must have its access information, so the system
can recognize who is that man who wants to delete.

Then you should specify (for example) owner of a record - add a column
to your table, which contains identifier of user, who is allowed to
delete it (or do any other operation with it).

If you need even more details, you may consider definition of usergroups
(need one extra simple table).

MaXX wrote:
> Hi,
> I hope I'm not OT.
>
> I have the following issue:
> I want to delete a record from my db with a php script. Let's say I'm auth'd
> and I want to delete the record id 440. With a simple form (get or post), I
> send the id to my script and delete the record (DELETE FROM table WHERE
> id=some_validated_input).
>
> The problem is if I'm a nasty guy I just write my own form and delete any
> record I want (since I'm auth'd) by just sending another id.
>
> Is there any way to make arbitrary record deletion non-trivial in php? I'm
> thinking about a hash function to replace the real db id (DELETE FROM table
> WHERE record_hash=validated_form_hash), if possible without adding an
> awful lot of server side computation.
>
> How do you guys deal with that kind of situation?
>
> Thanks,

Apr 19 '06 #2
Jiri Fogl wrote:
> You should have more detailed authorization - not only auth'd/
> non-auth'd, but every user must have its access information, so the system
> can recognize who is that man who wants to delete.

The problem in my particular case is that the system can't know who will
delete as there is no explicit ownership. The table in question is a log
and the creator is a script.

Your suggestion can be very useful for another area of my project...

Another idea is to only allow the php script to set a deleted flag which only
hides the record and wipe or undelete them by other means ...

> Then you should specify (for example) owner of a record - add a column
> to your table, which contains identifier of user, who is allowed to
> delete it (or do any other operation with it).
> If you need even more details, you may consider definition of usergroups
> (need one extra simple table).

The database (postgresql) is already aware of this, the rights are set by
groups (creators INSERT, R-O users SELECT, Admins UPDATE[mark as
read]/DELETE). Some major events have a "protected" boolean to avoid
deletion by the php script. When I want to get rid of those I use PgAdmin
or psql as superuser to delete them.

Time to rethink the system...

Thanks,
--
MaXX

Apr 19 '06 #3
MaXX <bs******@skynet.be> wrote in
news:e2**********@talisker.lacave.net:

> The problem is if I'm a nasty guy I just write my own form and delete
> any record I want (since I'm auth'd) by just sending another id.

in your database, add a column called "keystring" and index it. populate
it with 18 characters or so (write a PHP function that does this at the
same time you enter the info in the database). So, this 'keystring' for
record 1 might be '9jfhdsufs8ywre' while record 2 might be
'agsadgiwqegiqw'.

Since the keystring is indexed, you can delete it from your DB by calling
"DELETE FROM so_and_so WHERE Keystring='9jfhdsufs8ywre'" Chances are
pretty damn slim that someone will be able to guess any keystring and
therefore alter records.

I use this technique often, especially when allowing users access to pick
up files.

See ya

Apr 19 '06 #4
MaXX wrote:
> Hi,
> I hope I'm not OT.
>
> I have the following issue:
> I want to delete a record from my db with a php script. Let's say I'm auth'd
> and I want to delete the record id 440. With a simple form (get or post), I
> send the id to my script and delete the record (DELETE FROM table WHERE
> id=some_validated_input).
>
> The problem is if I'm a nasty guy I just write my own form and delete any
> record I want (since I'm auth'd) by just sending another id.
>
> Is there any way to make arbitrary record deletion non-trivial in php? I'm
> thinking about a hash function to replace the real db id (DELETE FROM table
> WHERE record_hash=validated_form_hash), if possible without adding an
> awful lot of server side computation.
>
> How do you guys deal with that kind of situation?
>
> Thanks,

Along with the other suggestions:

Make deleted an attribute (column) of the table and then access the data
via a view that filters deleted items. If a record is deleted by
accident, it can still be re-created by changing the deleted attribute.
Some other process may come along and remove the deleted rows at some
regulated time (e.g. after a backup, after so many days, etc.)

-david-

Apr 19 '06 #5
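
The soft-delete suggestion above, combined with the "protected" flag MaXX describes earlier in the thread, could look like the following. This is an added example, not code from any poster: it uses an in-memory SQLite database through PDO so that it runs stand-alone (the thread's database is PostgreSQL), and the table, view, function and role names, plus the `deleted_at` timestamp used in place of a boolean flag, are assumptions.

```php
<?php
declare(strict_types=1);

// Constructed schema: all names are assumptions made for this example.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE event_log (
    id         INTEGER PRIMARY KEY,
    message    TEXT NOT NULL,
    protected  INTEGER NOT NULL DEFAULT 0,
    deleted_at TEXT                          -- NULL means visible
)');
// The application reads through this view, so flagged rows disappear from it.
$db->exec('CREATE VIEW visible_log AS
           SELECT id, message, protected FROM event_log WHERE deleted_at IS NULL');
$db->exec("INSERT INTO event_log (id, message, protected) VALUES
           (440, 'constructed routine event', 0),
           (441, 'constructed major event',   1)");

// The web script may only flag rows; it never issues DELETE itself.
// $role must come from the server-side session, never from the submitted form.
function soft_delete(PDO $db, int $id, string $role): bool
{
    if ($role !== 'admin') {
        return false;
    }
    $stmt = $db->prepare(
        "UPDATE event_log SET deleted_at = datetime('now')
          WHERE id = ? AND protected = 0 AND deleted_at IS NULL"
    );
    $stmt->execute([$id]);
    return $stmt->rowCount() === 1;
}

// Run by a separate maintenance job (for example after a backup), not by the web script.
function purge_deleted(PDO $db, int $days): int
{
    $stmt = $db->prepare(
        "DELETE FROM event_log
          WHERE deleted_at IS NOT NULL AND deleted_at <= datetime('now', ?)"
    );
    $stmt->execute(["-{$days} days"]);
    return $stmt->rowCount();
}

var_dump(soft_delete($db, 440, 'reader'));  // role without delete rights
var_dump(soft_delete($db, 441, 'admin'));   // protected row
var_dump(soft_delete($db, 440, 'admin'));   // ordinary row
var_dump($db->query('SELECT COUNT(*) FROM visible_log')->fetchColumn());
var_dump(purge_deleted($db, 0));            // purge everything already flagged
```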
Good Man wrote:
> MaXX <bs******@skynet.be> wrote in
> news:e2**********@talisker.lacave.net:
>> The problem is if I'm a nasty guy I just write my own form and delete
>> any record I want (since I'm auth'd) by just sending another id.
>
> in your database, add a column called "keystring" and index it. populate
> it with 18 characters or so (write a PHP function that does this at the
> same time you enter the info in the database). So, this 'keystring' for
> record 1 might be '9jfhdsufs8ywre' while record 2 might be
> 'agsadgiwqegiqw'.

It's the idea I have, but I need to find a way to do this with an
absolutely unique "keystring" (md5*/sha1??) to avoid duplicate (may be
extremely rare, but this is the kind of bug you don't want to hunt one
day ;-) ...)

The uniqueness is not really important in this project but things can
change...

> Since the keystring is indexed, you can delete it from your DB by calling
> "DELETE FROM so_and_so WHERE Keystring='9jfhdsufs8ywre'" Chances are
> pretty damn slim that someone will be able to guess any keystring and
> therefore alter records.

[...]
[*] In my knowledge collisions can exist with md5 but avoiding md5 collision
is a WMD vs fly in that case...

Thanks,
--
MaXX

Apr 19 '06 #6
David Haynes wrote:
> MaXX wrote:
>
>> [...]
>> How do you guys deal with that kind of situation?
>> Thanks,
>
> Along with the other suggestions:
> Make deleted an attribute (column) of the table and then access the data
> via a view that filters deleted items. If a record is deleted by
> accident, it can still be re-created by changing the deleted attribute.
> Some other process may come along and remove the deleted rows at some
> regulated time (e.g. after a backup, after so many days, etc.)

Thanks for the suggestion, I keep that in mind.

--
MaXX

Apr 19 '06 #7
MaXX <bs******@skynet.be> wrote in
news:e2***********@talisker.lacave.net:
> Good Man wrote:
>> MaXX <bs******@skynet.be> wrote in
>> news:e2**********@talisker.lacave.net:
>>> The problem is if I'm a nasty guy I just write my own form and
>>> delete any record I want (since I'm auth'd) by just sending another
>>> id.
>>
>> in your database, add a column called "keystring" and index it.
>> populate it with 18 characters or so (write a PHP function that does
>> this at the same time you enter the info in the database). So, this
>> 'keystring' for record 1 might be '9jfhdsufs8ywre' while record 2
>> might be 'agsadgiwqegiqw'.
>
> It's the idea I have, but I need to find a way to do this with an
> absolutely unique "keystring" (md5*/sha1??) to avoid duplicate (may be
> extremely rare, but this is the kind of bug you don't want to hunt one
> day ;-) ...)

to make a unique keystring, you could always md5 the current unix
timestamp.

if you're concerned about duplicates, load up the keystrings from the
database into an array and see if your newly generated one has any
duplicates with in_array()

Apr 19 '06 #8
MaXX said the following on 19/04/2006 15:54:
> Good Man wrote:
>> MaXX <bs******@skynet.be> wrote in
>> news:e2**********@talisker.lacave.net:
>>> The problem is if I'm a nasty guy I just write my own form and delete
>>> any record I want (since I'm auth'd) by just sending another id.
>>
>> in your database, add a column called "keystring" and index it. populate
>> it with 18 characters or so (write a PHP function that does this at the
>> same time you enter the info in the database). So, this 'keystring' for
>> record 1 might be '9jfhdsufs8ywre' while record 2 might be
>> 'agsadgiwqegiqw'.
>
> It's the idea I have, but I need to find a way to do this with an
> absolutely unique "keystring" (md5*/sha1??) to avoid duplicate (may be
> extremely rare, but this is the kind of bug you don't want to hunt one
> day ;-) ...)

You could define the keystring column as a unique index. If on your
first insert you get back an error (implying a duplicate), then you can
just modify the keystring and insert again. Repeat until success!

Of course, if this is the method you go for, then using some sort of
hash is redundant; you might as well just generate random integers or
strings of a suitable length.
--
Oli
Apr 19 '06 #9
Oli Filth said the following on 19/04/2006 16:01:
> MaXX said the following on 19/04/2006 15:54:
>> Good Man wrote:
>>> MaXX <bs******@skynet.be> wrote in
>>> news:e2**********@talisker.lacave.net:
>>>> The problem is if I'm a nasty guy I just write my own form and delete
>>>> any record I want (since I'm auth'd) by just sending another id.
>>> in your database, add a column called "keystring" and index it.
>>> populate
>>> it with 18 characters or so (write a PHP function that does this at the
>>> same time you enter the info in the database). So, this 'keystring' for
>>> record 1 might be '9jfhdsufs8ywre' while record 2 might be
>>> 'agsadgiwqegiqw'.
>>
>> It's the idea I have, but I need to find a way to do this with an
>> absolutely unique "keystring" (md5*/sha1??) to avoid duplicate (may be
>> extremely rare, but this is the kind of bug you don't want to hunt one
>> day ;-) ...)
>
> You could define the keystring column as a unique index. If on your
> first insert you get back an error (implying a duplicate), then you can
> just modify the keystring and insert again. Repeat until success!
>
> Of course, if this is the method you go for, then using some sort of
> hash is redundant; you might as well just generate random integers or
> strings of a suitable length.

Integers are probably better, because it will take less work for the DB
to index them.

--
Oli
Apr 19 '06 #10
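
One way to implement the keystring idea from this thread with a unique index and insert-retry, as an added example rather than code from any poster: keys come from `random_bytes()` instead of a timestamp hash, because a value derived from the clock can be guessed. The in-memory SQLite database through PDO and all table and function names are assumptions.

```php
<?php
declare(strict_types=1);

// Constructed schema for the example; table and column names are assumptions.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE log_entry (
    id        INTEGER PRIMARY KEY,
    keystring TEXT NOT NULL UNIQUE,   -- the unique index rejects duplicates
    message   TEXT NOT NULL
)');

// 16 bytes from the OS CSPRNG (128 bits), hex-encoded to 32 characters.
function new_keystring(): string
{
    return bin2hex(random_bytes(16));
}

// Insert a row, retrying with a fresh keystring if the unique index rejects it.
function insert_entry(PDO $db, string $message, int $maxTries = 5): string
{
    $stmt = $db->prepare('INSERT INTO log_entry (keystring, message) VALUES (?, ?)');
    for ($i = 0; $i < $maxTries; $i++) {
        $key = new_keystring();
        try {
            $stmt->execute([$key, $message]);
            return $key;
        } catch (PDOException $e) {
            // SQLSTATE class 23 is an integrity constraint violation (duplicate key).
            if (substr((string) $e->getCode(), 0, 2) !== '23') {
                throw $e;
            }
        }
    }
    throw new RuntimeException('could not generate a unique keystring');
}

// Delete by keystring only; the value is bound, never concatenated into the SQL.
function delete_entry(PDO $db, string $key): bool
{
    if (!preg_match('/\A[0-9a-f]{32}\z/', $key)) {
        return false;               // malformed input never reaches the database
    }
    $stmt = $db->prepare('DELETE FROM log_entry WHERE keystring = ?');
    $stmt->execute([$key]);
    return $stmt->rowCount() === 1;
}

$key = insert_entry($db, 'constructed sample event');
var_dump(delete_entry($db, '440'));   // a sequential id submitted in place of a key
var_dump(delete_entry($db, $key));    // the key handed out at insert time
var_dump(delete_entry($db, $key));    // the same key replayed
```

The random key only makes a row's handle hard to guess; whether the requester may delete at all is still decided by the server-side session and the database roles.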
