Question
This is a short but general question. I am relatively new to programming in general. My site, which is predominantly written in PHP, will be launched soon and is undergoing some security tightening. This started with converting the whole thing to PDO with prepared statements (from what was a MySQL set up) to making sessions more secure.
My issue is this: I make quite a lot of use of the $_GET superglobal to pass user IDs around and thread IDs in the Q/A section. If a member clicks on another member's pic, they are sent to that user's profile page invariably using a $_GET['id'] to send the info - usual newbie type stuff.
I am concerned that this may pose a security risk as the members' ID numbers are essentially visible throughout the site.
I am not sure that creating forms with hidden $_POST variables is the answer. I have searched for answers on this, without success regarding this exact question.
I know this is not code, but I would appreciate some steerage on whether this actually does represent a problem, and if so, how.
Explanation / Answer
Seems that my comment did not make it here, so I'll post it as an answer:
No, it is not a serious security concern. If your site has, for example, a blind SQL injection vulnerability, this would make it easier to attack a specific user. It probably also makes it a lot easier to scrape your website for user profiles, if that is a concern of yours. But other than that, I cannot think of a way to attack this.
But if you are still concerned: No, hidden POST variables are not the answer. Instead, do not pass the IDs, but pass slugs of usernames/post names/etc. instead (the slugs should be sanitized so that they only contain valid URL characters). This is also more user and SEO friendly.
But do make sure not to output any user supplied data directly to the end user. You have to sanitize it first to prevent XSS attacks (and it does count as user supplied even when it comes from the database, if the data in the database is user supplied).
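The answer above recommends three things: keep the PDO prepared statements, address profiles by a sanitized slug rather than a raw numeric ID, and escape anything user-supplied before it reaches the browser. The following PHP is an added example that is not code from the original question or answer; the `users` table, its `slug` and `bio` columns, the `profile.php?user=` URL shape, and the DSN and credentials are assumptions for illustration.

```php
<?php
declare(strict_types=1);

// Added example (not from the original post). Table/column names, the URL
// parameter name and the DSN below are assumptions for illustration only.

/**
 * Reduce an arbitrary username to a slug containing only [a-z0-9-].
 * Returns null when nothing usable survives, so the caller can fall back
 * to another identifier instead of emitting an empty URL segment.
 */
function slugify(string $name): ?string
{
    $slug = strtolower($name);
    // Collapse every run of characters outside a-z / 0-9 into one hyphen.
    $slug = preg_replace('/[^a-z0-9]+/', '-', $slug);
    $slug = trim($slug, '-');
    return $slug === '' ? null : $slug;
}

/**
 * Accept a slug from the URL only if it matches the strict shape slugify()
 * produces; anything else is rejected before the database is touched.
 */
function isValidSlug(string $slug): bool
{
    return strlen($slug) <= 64
        && preg_match('/^[a-z0-9]+(?:-[a-z0-9]+)*$/', $slug) === 1;
}

/**
 * Look up a profile by slug. The slug is still passed as a bound parameter:
 * switching from IDs to slugs does not replace prepared statements.
 */
function findProfileBySlug(PDO $pdo, string $slug): ?array
{
    $stmt = $pdo->prepare('SELECT id, username, bio FROM users WHERE slug = :slug');
    $stmt->execute([':slug' => $slug]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

/** Escape for HTML output; data read back from the database is still user-supplied. */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// --- Request handling (DSN and credentials are placeholders) ---
$pdo = new PDO('mysql:host=localhost;dbname=example;charset=utf8mb4', 'user', 'password', [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES   => false, // use real server-side prepared statements
]);

// $_GET values can be arrays if the query string is crafted that way, so
// check the type before validating the content.
$slug = $_GET['user'] ?? '';
if (!is_string($slug) || !isValidSlug($slug)) {
    http_response_code(404);
    exit('Profile not found');
}

$profile = findProfileBySlug($pdo, $slug);
if ($profile === null) {
    http_response_code(404);
    exit('Profile not found');
}

// Every field is escaped on output; the numeric id never appears in the URL.
echo '<h1>' . h($profile['username']) . '</h1>';
echo '<p>' . h($profile['bio'] ?? '') . '</p>';
echo '<a href="/profile.php?user=' . rawurlencode($slug) . '">'
   . h($profile['username']) . '</a>';
```

Two design notes. `slugify()` is not injective (`"Jo Hn"` and `"jo-hn"` collapse to the same slug), so the slug must be stored in a column with a unique index and assigned once at registration, appending a suffix on collision, rather than recomputed from the username on every request. And rejecting the incoming slug with `isValidSlug()` before the query is defence in depth, not the SQL injection control; the bound parameter in `findProfileBySlug()` is what keeps the lookup safe regardless of what the parameter contains.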