Writing secure code
by Dmitry Dulepov

Security is the issue

You are responsible

You must not fail

Write secure code now!

3 attacks

SQL injection: how

SQL injection: how
index.php?id=1

SQL injection: how
index.php?id=1
“SELECT * FROM pages WHERE ” .
“id=’” . $_GET[‘id’] . “‘“

SQL injection: how
index.php?id=1
“SELECT * FROM pages WHERE ” .
“id=’” . $_GET[‘id’] . “‘“
index.php?id=1’;DELETE FROM
be_users’

SQL injection: how
index.php?id=1
“SELECT * FROM pages WHERE ” .
“id=’” . $_GET[‘id’] . “‘“
index.php?id=1’;DELETE FROM
be_users’
“SELECT * FROM pages WHERE ” .
“id=’1‘;DELETE FROM be_users ‘’“

SQL injection: the fix

SQL injection: the fix
“SELECT * FROM pages WHERE ” .
“id=” . $GLOBALS[‘TYPO3’]->
fullQuoteStr($id, ‘pages’)

SQL injection: the fix
“SELECT * FROM pages WHERE ” .
“id=” . $GLOBALS[‘TYPO3’]->
fullQuoteStr($id, ‘pages’)
“SELECT * FROM pages WHERE ” .
“id=” . intval($id)

Cross–site scripting: how

Cross–site scripting: how
Comment:
I agree!
<script src=”http://example.com/
evil-script.js”>
</script>
Submit

Cross–site scripting: the x

Cross–site scripting: the x
htmlspecialchars($comment)

Cross–site request forgery: how

Cross–site request forgery: how
<img src=”http://yourbank.com/
transfer?
to_account=DE25LALA1234567890&
amount=4000&
currency=EUR” />

Cross–site request forgery: the x

Cross–site request forgery: the x
• _POST
• random number

Cross–site request forgery: the x
• _POST
• random number

Cross–site request forgery: the x
• _POST
• random number
• Salted magic value
• Captcha

Remember about security

Make customers happy!