I’m wondering if $_POST & $_GET can have issues with security.
Let’s say I have an AJAX code that sends the data to a PHP file with the following:
    if(isset($_POST['id'])) {
        // Escape both request values before they are placed in the SQL strings
        $client_id = mysql_real_escape_string($_POST['id']);
        $client_name = mysql_real_escape_string($_POST['name']);
        //Delete the Client
        $sql="DELETE FROM clients WHERE id='".$client_id."'";
        mysql_query($sql) or die(mysql_error());
        //Client Pages Delete
        $sql="DELETE FROM fanpages WHERE client='".$client_name."'";
        mysql_query($sql) or die(mysql_error());
    }
Now let’s say the PHP file name is delete.php; any user can just write something like delete.php?id=423&name=Jack and it will shoot the query and delete the client?
I was thinking about adding a COOKIE check at the beginning, but as far as I know COOKIEs can be faked as well, am I right?
So what is the solution for making safe $_POST & $_GET requests with the combination of DB queries?
EDIT: All this happens inside of a user-password secured area, but I’m asking about the sole delete.php file; do I need to add a COOKIE check to this file as well?
EDIT2: The script is working with COOKIEs, not SESSIONS; should I add SESSIONS to the system as well? Is it necessary to have cookies and sessions on the same system?
The trick is to properly escape data and prevent SQL injections. If it comes to deleting a user and you want to be extra safe, you could require a login or something too.
Of course, this would require you to create some sort of authentication procedure after a login form is submitted. (e.g. querying a MySQL database and testing the username and password against a table of users)
Here is a great example!
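Added example, not part of either post and not the example the answer links to: one way delete.php can check the request itself before touching the database, using a server-side session, a POST-only rule, a CSRF token and PDO prepared statements. The function name `handle_delete`, the session keys `user_id` and `csrf_token`, and the in-memory SQLite database with its sample rows are assumptions made for the demonstration; only the `clients` and `fanpages` tables come from the question.

```php
<?php
declare(strict_types=1);

// Hypothetical helper. In delete.php: session_start(); then
// http_response_code(handle_delete($pdo, $_SERVER['REQUEST_METHOD'], $_SESSION, $_POST));
function handle_delete(PDO $db, string $method, array $session, array $post): int
{
    if ($method !== 'POST') {
        return 405; // a plain delete.php?id=...&name=... URL must never change data
    }
    if (empty($session['user_id'])) {
        return 401; // login state is read from the server-side session, not a cookie value
    }
    $known = $session['csrf_token'] ?? '';
    $sent  = $post['csrf_token'] ?? '';
    if (!is_string($known) || !is_string($sent) || $known === '' || !hash_equals($known, $sent)) {
        return 403; // request was not issued by a page served to this logged-in user
    }
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT);
    if ($id === false) {
        return 400;
    }
    $db->beginTransaction();
    // Look the name up server-side instead of trusting $_POST['name'].
    $q = $db->prepare('SELECT name FROM clients WHERE id = ?');
    $q->execute([$id]);
    $name = $q->fetchColumn();
    if ($name === false) {
        $db->rollBack();
        return 404;
    }
    $db->prepare('DELETE FROM fanpages WHERE client = ?')->execute([$name]);
    $db->prepare('DELETE FROM clients WHERE id = ?')->execute([$id]);
    $db->commit();
    return 200;
}

// Constructed demo: in-memory SQLite stands in for the MySQL database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE clients (id INTEGER PRIMARY KEY, name TEXT)");
$db->exec("CREATE TABLE fanpages (client TEXT)");
$db->exec("INSERT INTO clients VALUES (423, 'Jack')");
$db->exec("INSERT INTO fanpages VALUES ('Jack')");
$login = ['user_id' => 7, 'csrf_token' => bin2hex(random_bytes(32))]; // stored at login
$post  = ['id' => '423', 'csrf_token' => $login['csrf_token']];
echo handle_delete($db, 'GET', $login, $post), "\n";            // wrong method
echo handle_delete($db, 'POST', [], $post), "\n";               // no session
echo handle_delete($db, 'POST', $login, ['id' => '423']), "\n"; // missing CSRF token
echo handle_delete($db, 'POST', $login, $post), "\n";           // authorised delete
```

With PHP sessions the browser cookie carries only the session ID, so a visitor cannot set `user_id` by editing a cookie; the value exists only in the server-side session data written at login.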