| Norland, Martin 2005-09-28, 6:57 pm |
|
Security through obscurity is a prominent placebo these days. If you
don't want users deleting the wrong images, make the
class/function/script that deletes them check for permission. Don't
have your security dependant on the client.
cheers,
- Martin Norland, Sys Admin / Database / Web Developer, International
Outreach x3257
The opinion(s) contained within this email do not necessarily represent
those of St. Jude Children's Research Hospital.
-----Original Message-----
From: A.J. Brown [mailto:aj@bitnotion.com]=20
Sent: Wednesday, September 28, 2005 7:48 AM
To: Matthias Willerich
Cc: php-db@lists.php.net
Subject: [PHP-DB] Re: Upload images with minimun effort from final user.
..
Matthias,
The md5 approach is just added security, which is something I always use
in=20
situations like this. All it really does is mask it, so a user can't
see=20
what the ID is (or that it's a sequential number at all) and therefore
view=20
images they were not intended to see. For example, if the URL for
viewing=20
an image is as follows:
/getimage.php?image=3D15
A user could guess that there are 14 other images, and could retrieve
them=20
by replacing the 15 with any other number. If you use the md5 approach,
the=20
url becomes this:
/getimage.php? image=3D9bf31c7ff062936a96d3c8bd1f8f2ff3
This makes it harder for them to guess the image ID, and view images
they=20
are not inteded to see.
Of course, this is not necessary by any means, and only applies when
you're=20
concerned with an image being viewed unintentionally. It's VERY usefull
if=20
you also have a public script which a user can delete an image using a=20
similar url as above as well. Using the first example, if my page is=20
/delete_image.php?image=3D15, a malicious user could delete EVERY image =
by
just replacing the number.
Sincerely,
A.J. Brown
BitNotion Technologies
aj@bitontion.com
|