bug fix

Author: RiieCco

skf/logs/2015-03.txt

@@ -69,26 +69,40 @@ File upload
 					die();
 				}
 		
-			//Check for uploading out of intended directory
+			
+			//here we create a function which checks te allowed patterns
+			function checkpattern(){
+		    
+		    //Check for uploading out of intended directory
 			$array = array("/%2e%2e%2f/" ,"/..//" ,"/%2e/" ,"/%5c/" ,"/%252e/" ,"/%c0%af/" ,"%/c1%9c/");
-		
-			foreach($array as $injectPattern){
-				while(preg_match($injectPattern , $this->_image['name'])){
+	
+		foreach($array as $Pattern){
+			while(preg_match($Pattern , $this->_image['name'])){		
+				//If the value is valid we send a log to the logging file.        
+				setLog($_SESSION['userID'],"Validation was succesfull for filename", "SUCCESS", date(dd-mm-yyyy), $privelige, "NULL"); 
 			
-					//Set a log for whenever there is unexpected userinput with a threat level
-					setLog($_SESSION['userID'],"Unrestricted image filename", "FAIL", date(dd-mm-yyyy), $privelige, "HIGH");
-
-					/*
-					Set counter; if counter hits 3, the user's session must be terminated.
-					After 3 session terminations the user acount should be blocked
-					Since the high threat level there will be imediate session termination
-					*/
-					setCounter(3);
-							
-					//The die function is to make sure the rest of the php code is not excecuted beyond this point
-					die();
-				}		
+				//then we return true      			
+				return true;
 			}
+
+		}
+	}
+	
+	//Here we handle the consequences if the checkpattern function fails
+	if(checkpattern() !== true){
+		
+		//Set a log for whenever there is unexpected user input with a threat level:
+		setLog($_SESSION['userID'],"Detection of malicous input in file include", "FAIL", date(dd-mm-yyyy), $privelige, "HIGH");
+		
+		/*
+		If the user tries to read files other than specified, immediate logout wil follow!
+		*/
+		setCounter(3);
+					
+		//The die function is to make sure the rest of the php code is not excecuted beyond this point
+		die(); 
+	}
+	
 			
 			//if all goes wel upload your file, first we want to log the event.	
 			setLog($_SESSION['userID'],"File upload", "SUCCESS", date(dd-mm-yyyy), $privelige, "NULL");

skf/markdown/code_examples/php/1-code_example--File_upload--.md

@@ -25,6 +25,13 @@ Secure session cookies
 
 		session_set_cookie_params($lifetime, $path, $domain, $secure, $httponly);
 	}
+	
+	/*
+	You could also set the session cookie its secure function with a ini_set
+	This ini_set has to be included in the header of al your pages in order to work
+	*/
+	
+	ini_set('session.cookie_secure', 1);
 
 	?>
 

skf/markdown/code_examples/php/13-code_example--Secure_session_cookies--.md

@@ -20,5 +20,14 @@ Session cookies HttpOnly
 
 		session_set_cookie_params($lifetime, $path, $domain, $secure, $httponly);
 	}
+	
+	/*
+	You could also set the session cookie its httpOnly function with a ini_set
+	This ini_set has to be included in the header of al your pages in order to work
+	*/
+	
+	ini_set('session.cookie_httponly', 1);
+	
+	
 
 	?>

skf/markdown/code_examples/php/14-code_example--Session_cookies_HttpOnly--.md

@@ -24,25 +24,37 @@ Identifier-based authorization
 	}
 
 
-	//The seccond layer is to define the allowed pages to be read by the user
-	$array = array("/page1/" ,"/page2/" ,"/etc/" ,"/etc/");
+	//First we create a function which checks te allowed patterns
+	function checkpattern(){
+		$array = array("/^page1$/" ,"/^page2$/" ,"/^etc$/" ,"/^etc$/");
 
-	foreach($array as $page){
-		while(!preg_match($page , $_GET['page']])){
+		foreach($array as $Pattern){
+			while(preg_match($Pattern , $_GET['page'])){		
+				//If the value is valid we send a log to the logging file.        
+				setLog($_SESSION['userID'],"Validation was succesfull for filename", "SUCCESS", date(dd-mm-yyyy), $privelige, "NULL"); 
+			
+				//then we return true      			
+				return true;
+			}
+
+		}
+	}
+	
+	//Here we handle the consequences if the checkpattern function fails
+	if(checkpattern() !== true){
 		
 		//Set a log for whenever there is unexpected user input with a threat level:
 		setLog($_SESSION['userID'],"Detection of malicous input in file include", "FAIL", date(dd-mm-yyyy), $privelige, "HIGH");
 		
 		/*
-		If the user tries to read files pages than specified, immediate logout wil follow!
-
+		If the user tries to read files other than specified, immediate logout wil follow!
 		*/
 		setCounter(3);
-		
+					
 		//The die function is to make sure the rest of the php code is not excecuted beyond this point
-		die();            
-		}        
+		die(); 
 	}
+	
 
 
 	/* 

skf/markdown/code_examples/php/15-code_example--Identifier_based_authorization--.md

@@ -19,6 +19,13 @@ Timeout a session
 		session_set_cookie_params($lifetime, $path, $domain, $secure, $httponly);
 
 	}
+	
+	/*
+	You could also set the session cookie its secure function with a ini_set
+	This ini_set has to be included in the header of al your pages in order to work
+	*/
+	
+    ini_set('session.cookie_lifetime', 3600);
 
 	?>
 

skf/markdown/code_examples/php/20-code_example--Timeout_a_session--.md

@@ -11,15 +11,15 @@ Debug Enabling
     For privilege based authentication we need an extra tabel in your database in order to write the users privileges to.
 
     TABLE users
-    -------------------------------------------------------------    
-    | userID | userName | password | privilegeID |    access	|
-    -------------------------------------------------------------  
-    |   1	 | Admin	| Csdar323 |	  1		 | 	   TRUE		|
-    -------------------------------------------------------------  	
-    |	2	 | User		| Adf4fsv  |	  2		 |	   FALSE	|
-    -------------------------------------------------------------  
-    |	3	 | Guest	| dff4fKr  |	  3		 |	   TRUE		|
-    -------------------------------------------------------------  
+    ---------------------------------------------------------------------------------    
+    | userID | userName | password | privilegeID |    access	| AggregrateControl	|
+    ---------------------------------------------------------------------------------   
+    |   1	 | Admin	| Csdar323 |	  1		 | 	   TRUE		|		2336		|
+    ---------------------------------------------------------------------------------   	
+    |	2	 | User		| Adf4fsv  |	  2		 |	   FALSE	|		 0			|
+    ---------------------------------------------------------------------------------   
+    |	3	 | Guest	| dff4fKr  |	  3		 |	   TRUE		|		135			|
+    ---------------------------------------------------------------------------------   
 
     TABLE privileges
     ----------------------------------   
@@ -45,7 +45,7 @@ Debug Enabling
         In this example the expexted input is "a-Z/0-9 - _"
         */ 
 
-        if(!preg_match("/^[^a-zA-Z0-9_\-]/", $username))
+        if(preg_match("/[^a-zA-Z0-9]/", $username))
         {       
             //Set a log for whenever there is unexpected userinput with a threat level 
             setLog("null","invalid expected input", "FAIL", date(dd-mm-yyyy), "null", "HIGH"); 
@@ -106,7 +106,7 @@ Debug Enabling
     /*
     This is how you enforce the permissions in your application
     We define the roles we want the user to suffice
-    /*
+    */
 
     if(isAuthorized("edit:read:delete") === true){
         //Do your operation

skf/markdown/code_examples/php/25-code_example--Login_functionality--.md

@@ -13,7 +13,7 @@ input validation
         we can assume a hacker is trying to inject malicious input
      	*/
      	
-     	if(!preg_match("/^[a-zA-Z0-9]+$/", $_POST['userinput'])
+     	if(!preg_match("/^[a-zA-Z0-9]+$/", $_POST['userinput']))
      	{
      		//Set a log for whenever there is unexpected userinput with a threat level
 			setLog($_SESSION['userID'],"invalid expected input", "FAIL", date(dd-mm-yyyy), $privelige, "MOD");
@@ -31,35 +31,38 @@ input validation
         fixed expected value. whenever these value's differ from your fixed value's you can determin the user is tampering
         the value's and should be blocked since he is probably intercepting your parameters with an intercepting proxy. 
         */
-        $array = array("/page1/" ,"/page2/" ,"/etc/" ,"/etc/");
-        
-        foreach($array as $injectPattern){
-            while(preg_match($injectPattern , $_GET['fileName']])){
-                
-                //If the value is valid we send a log to the logging file.        
-                setLog($_SESSION['userID'],"Validation was succesfull for filename", "SUCCESS", date(dd-mm-yyyy), $privelige, "NULL");       
-                 
-                //Then we return true value       
-            	$bool = true;	
-				return $bool;        
-            }        
-        }
-        
-        //If the value was not validated as true we must log and count the users actions
-        if($bool !== true){
-          
-			//Set a log for whenever there is unexpected user input with a threat level:
-			setLog($_SESSION['userID'],"Detection of malicous input in file include", "FAIL", date(dd-mm-yyyy), $privelige, "HIGH");
-		  
+	
+	//First we create a function which checks te allowed patterns
+	function checkpattern(){
+		$array = array("/^page1$/" ,"/^page2$/" ,"/^etc$/" ,"/^etc$/");
+	
+		foreach($array as $Pattern){
+			while(preg_match($Pattern , $_GET['fileName'])){		
+				//If the value is valid we send a log to the logging file.        
+				setLog($_SESSION['userID'],"Validation was succesfull for filename", "SUCCESS", date(dd-mm-yyyy), $privelige, "NULL"); 
 			
-			 /*
-			If the user tries to read files other than specified, immediate logout wil follow!
-			*/
-			setCounter(3);
-						
-			//The die function is to make sure the rest of the php code is not excecuted beyond this point
-			die();          
-    	}
+				//then we return true      			
+				return true;
+			}
+
+		}
+	}
+	
+	//Here we handle the consequences if the checkpattern function fails
+	if(checkpattern() !== true){
+		
+		//Set a log for whenever there is unexpected user input with a threat level:
+		setLog($_SESSION['userID'],"Detection of malicous input in file include", "FAIL", date(dd-mm-yyyy), $privelige, "HIGH");
+		
+		/*
+		If the user tries to read files other than specified, immediate logout wil follow!
+		*/
+		setCounter(3);
+					
+		//The die function is to make sure the rest of the php code is not excecuted beyond this point
+		die(); 
+	}
+	
         
         /*
         Third example is an encoding routine where we take possible malicious input and transform it into harmless input.