dongshan1959 2016-04-11 11:27
浏览 51
已采纳

如何保护此图片上传代码

I have been hacked during last two weeks and I see in the log files that hacker can upload php shells in registration

this is the form which let user register and save the data to database in the site and the point is when he uploads his avatar he can upload php file

<form method="post" name="regiterationForm" id="regiterationForm" enctype="multipart/form-data">
<table width="930" border="0" align="center" cellpadding="2" cellspacing="2">

<tr>
<td width="431" valign="top"><table width="500" border="0" cellspacing="2" cellpadding="2">
<tr>
<td width="215" align="right" class="registerpage_form_credential">Username:</td>
<td colspan="3" class="registersignupbox_bg">
<input onBlur="checkUserName(this.value);" type="text" name="userName" id="userName" class="register_signup_field" /> </td>
<div class="errormsg" id="error_userName" style="display:none;"><span class="noberr"></span><span id="error_userName_val">Please enter name</div>
</tr>
<tr>
<td width="215" align="right" class="registerpage_form_credential">Password:</td>
<td colspan="3" class="registersignupbox_bg"><input type="password" name="userPassword" id="userPassword" class="register_signup_field" />&nbsp;</td>
<div class="errormsg errpass" id="error_userPassword" style="display:none;"><span class="noberr"></span><span id="error_userPassword_val">Please enter password</div>
</tr>
<tr>
<td width="215" align="right" class="registerpage_form_credential">Retype Password:</td>
<td colspan="3" class="registersignupbox_bg"><input type="password" name="userRetypePassword" id="userRetypePassword" class="register_signup_field" />&nbsp;</td>
<div class="errormsg errpass1" id="error_userRetypePassword" style="display:none;"><span class="noberr"></span><span id="error_userRetypePassword_val">Please enter password</div>
</tr>
<tr>
<td width="215" align="right" class="registerpage_form_credential">Your real name:</td>
<td colspan="3" class="registersignupbox_bg"><input type="text" name="userRealName" id="userRealName" class="register_signup_field" />&nbsp;</td>
<div class="errormsg errpass2" id="error_userRealName" style="display:none;"><span class="noberr"></span><span id="error_userRealName_val">Please enter Name</div>
</tr>
<tr>
<td align="right" class="registerpage_form_credential">E-mail address:</td>
<td colspan="3" class="registersignupbox_bg"><input onBlur="checkUserEmail(this.value);" type="text" name="userEmail" id="userEmail" class="register_signup_field" />
&nbsp;</td>
<div class="errormsg errpass3" id="error_userEmail" style="display:none;"><span class="noberr"></span><span id="error_userEmail_val">Please enter Email</div>
</tr>
<tr>
<td align="right" class="registerpage_form_credential">Retype E-mail address:</td>
<td colspan="3" class="registersignupbox_bg"><input type="text" name="userRetypeEmail" id="userRetypeEmail" class="register_signup_field" />
&nbsp;</td>
<div class="errormsg errpass4" id="error_userRetypeEmail" style="display:none;"><span class="noberr"></span><span id="error_userRetypeEmail_val">Please enter Email</div>
</tr>
<tr>
<td align="right" class="registerpage_form_credential">Country:</td>
<td colspan="3" class="registersignupbox_bg"><select name="country" id="country" class="register_monthday_selection">
<option value="">Choose a Country</option>
<?php for($i=0; $i<count($allCountryName); $i++){ ?>
    <option value="<?php echo $allCountryName[$i]['name']; ?>"><?php echo $allCountryName[$i]['name']; ?></option>
<?php } ?>
</select>
&nbsp;</td>
<div class="errormsg errpass5" id="error_country" style="display:none;"><span class="noberr"></span><span id="error_country_val">Please Select Country</div>
</tr>
<tr>
<td align="right" class="registerpage_form_credential">Date of birth:</td>

<td class="register_day_bg"><select name="userDay" id="userDay" class="register_day_selection">
<option value="">Day</option>
<?php for($i=1; $i<=31; $i++){ ?>
    <option value="<?php echo $i; ?>"><?php echo $i; ?></option>
<?php } ?>
</select></td>

<td class="register_month_bg"><select name="userMonth" id="userMonth" class="register_month_selection">
<option value="">Month</option>
<?php $month_digit_array = array("1"=>"January","2"=>"February","3"=>"March","4"=>"April","5"=>"May","6"=>"June","7"=>"July","8"=>"August","9"=>"September","10"=>"October","11"=>"November","12"=>"December"); 
    for($i=1; $i<=12; $i++){
?>
<option value="<?php echo $i; ?>"><?php echo $month_digit_array[$i]; ?></option>
<?php } ?>
</select></td>

<td class="register_year_bg"><select name="userYear" id="userYear" class="register_year_selection">
<option value="">Year</option>
<?php $curYear = date('Y');  for($i=$curYear; $i>=1930; $i--){ ?>
    <option value="<?php echo $i; ?>"><?php echo $i; ?></option>
<?php } ?>
</select></td>
</tr>

<tr>
<td align="right" class="registerpage_form_credential">I am a:</td>
<td colspan="3" class="registersignupbox_bg"><select name="gender" id="gender" class="register_monthday_selection">
<option value="">Select an option</option>
<option value="Male">Male</option>
<option value="Female">Female</option>

</select></td>
<div class="errormsg errpass6" id="error_gender" style="display:none;"><span class="noberr"></span><span id="error_gender_val">Please Select Gender</div>
</tr>
<tr>
<td align="right" class="registerpage_form_credential">Select an Avatar:</td>
<td colspan="3" class="registersignupbox_bg"><input type="file" id="image" name="userAvatar" /></td>
<div class="errormsg errpass7" id="error_image" style="display:none;"><span class="noberr"></span><span id="error_image_val">Please Select Image</div>
</tr>
<tr>
<td colspan="4" style="
    padding-left: 37%;
"><div class="g-recaptcha" data-sitekey="6LfhvAkTAAAAAFQyqmN2nf9hXEY1T0jF89SCGNVB"></div>
</td>
</tr>
</table></td>
<td width="455">

<p>

<iframe width="555" height="312" src="https://www.youtube.com/embed/vkjFm6ClTuw" frameborder="0" allowfullscreen></iframe>

</p>

<br />
<div style="width:468px ;margin: 0 auto; height:60px">

<script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
<!-- Header/Footer Small -->
<ins class="adsbygoogle"
     style="display:inline-block;width:468px;height:60px"
     data-ad-client="ca-pub-5794587985510139"
     data-ad-slot="5064971004"></ins>
<script>
(adsbygoogle = window.adsbygoogle || []).push({});
</script>

</div>

</td>
</tr>
<tr>
<td colspan="2"><table width="709" border="0" align="center" cellpadding="2" cellspacing="2" style="margin-top:11px;    margin-top: 15px !important;
margin-right: 67px;" class="signp">
<tr>
<td>&nbsp;</td>
<td class="contactus_form_credentials">&nbsp;</td>
</tr>
<tr>
<td width="21" align="center"><label>
<input type="checkbox" name="promotion" id="promotion"/>
</label></td>
<td width="442" class="contactus_form_credentials">I agree that my account will be deleted if my email is not valid</td>
</tr>
<tr>
<td align="center"><input type="checkbox" name="checkbox2" id="checkbox2"/></td>
<td class="contactus_form_credentials">I have read and agree to the (example.com) <a href="terms.php" class="termsofuse">Terms of use</a></td>
</tr>
<tr>
<td>&nbsp;</td>
<td style="cursor:pointer;" onclick="registerFormValidation();"><img src="images/register_signup_btn.png" width="220" height="108" /></td>
</tr>
</table></td>
</tr>
</table>




<div class="errormsg errpass7" id="error_captcha" style="display:none;"><span class="noberr"></span><span id="error_captcha_val"></div>






</form>

and this the function for registration 

function insertData($arr,$files){
    $username  =$arr['userName'];
    $pass      =$arr['userPassword'];
    $realname  =$arr['userRealName'];
    $email     =$arr['userEmail'];
    $country   =$arr['country'];
    $gender    =$arr['gender'];
    $dob       =$arr['userDay'].'-'.$arr['userMonth'].'-'.$arr['userYear'];
    if(self::userNameExit($username) != "not_exist"){
        echo "<script>document.location.href='".HTTP_PATH."register.php'</script>";
        exit();
    }
    if(self::userEmailExist($email) != "not_exist"){
        echo "<script>document.location.href='".HTTP_PATH."register.php'</script>";
        exit();
    }
    require_once(COMM_PATH."DatabaseManager.php"); 
    $db= new DatabaseManager();
    $emailcode =  rand().time();
    $sql       =  "Insert into users(username,pass,realname,email,country,dob,gender,lastlogin,register_date,email_varification,email_code)values('".$username."','".md5($pass)."','".$realname."','".$email."','".$country."','".$dob."','".$gender."', now(), now(),'n','".$emailcode."')";
    $result    =  $db->executeUpdate($sql);
    $user_id   =  $db->lastInsertId();
    self::autoFriends($user_id);
    self::sentMessage($user_id,$username);
    insertStatusNow($user_id,"user");
    if(isset($files['userAvatar']['name']) && $files['userAvatar']['name'] !=""){
        $nameOfImage    = time()."_".basename($files['userAvatar']['name']);
        $path           = USER_IMAGE_UPLOAD_PATH.$nameOfImage;
        if(move_uploaded_file($files['userAvatar']['tmp_name'], $path)){
            $sql="UPDATE `users` SET `image` = '".$nameOfImage."' WHERE `Id` =".$user_id;
            $db->executeUpdate($sql);
            if(isset($arr['promotion']) && $arr['promotion'] == "promotion_yes"){
                self::notificationSubmit($user_id,$email);
            }
        }
        return $user_id;
    }
}

I want to know what is wrong with me , the business is going down every day the site hacked

UPDATE ::

    if(isset($files['userAvatar']['name']) && $files['userAvatar']['name'] !=""){
            $nameOfImage    = $files['userAvatar']['name'];
            $path           = USER_IMAGE_UPLOAD_PATH.$nameOfImage;


$fileInfo = new finfo();

$allowedMIMETypes = ['image/bmp', 'image/gif', 'image/jpeg', 'image/png']; //the most common image MIME types, you can add more if you want

if(in_array($fileType = $fileInfo->file($nameOfImage, FILEINFO_MIME_TYPE, $allowedMIMETypes))){
                if(move_uploaded_file($files['userAvatar']['tmp_name'], $path)){
                $sql="UPDATE `users` SET `image` = '".$nameOfImage."' WHERE `Id` =".$user_id;
                $db->executeUpdate($sql);
                if(isset($arr['promotion']) && $arr['promotion'] == "promotion_yes"){
                    self::notificationSubmit($user_id,$email);
                }
            }
            return $user_id;
} 

else {
    die("check you reg");
}
return null;

I have made the code like that but it let user register but with no photo

  • 写回答

2条回答 默认 最新

  • dousong1926 2016-04-11 12:07
    关注

    Use this to check the MIME-type of the file:

    $file = $files['userAvatar']['name'];
$fileInfo = new finfo();

$allowedMIMETypes = ['image/bmp', 'image/gif', 'image/jpeg', 'image/png']; //the most common image MIME types, you can add more if you want

if(in_array($fileType = $fileInfo->file($file, FILEINFO_MIME_TYPE, $allowedMIMETypes)){
    //the file is an image
} else {
    //file doesn't have a whitelisted MIME-type
}

    Update: If you want to prevent users from registering without an avatar, simply put the code I gave you before you insert the user into the database. Your entire function would become something like this:

    function insertData($arr,$files){
    $username  =$arr['userName'];
    $pass      =$arr['userPassword'];
    $realname  =$arr['userRealName'];
    $email     =$arr['userEmail'];
    $country   =$arr['country'];
    $gender    =$arr['gender'];
    $dob       =$arr['userDay'].'-'.$arr['userMonth'].'-'.$arr['userYear'];
    if(self::userNameExit($username) != "not_exist"){
        echo "<script>document.location.href='".HTTP_PATH."register.php'</script>";
        exit();
    }
    if(self::userEmailExist($email) != "not_exist"){
        echo "<script>document.location.href='".HTTP_PATH."register.php'</script>";
        exit();
    }

    //*************
    if(!isset($files['userAvatar']['name']) || empty($files['userAvatar']['name'])){
        //no file was uploaded, give some kind of error message
    }

    $fileInfo = new finfo();
    $allowedMIMETypes = ['image/bmp', 'image/gif', 'image/jpeg', 'image/png']; //the most common image MIME types, you can add more if you want
    if(!in_array($fileType = $fileInfo->file($nameOfImage, FILEINFO_MIME_TYPE, $allowedMIMETypes))){
        //the uploaded file wasn't recognized as an image, give some kind of error message
    }
    *************//

    require_once(COMM_PATH."DatabaseManager.php"); 
    $db= new DatabaseManager();
    $emailcode =  rand().time();
    $sql       =  "Insert into users(username,pass,realname,email,country,dob,gender,lastlogin,register_date,email_varification,email_code)values('".$username."','".md5($pass)."','".$realname."','".$email."','".$country."','".$dob."','".$gender."', now(), now(),'n','".$emailcode."')";
    $result    =  $db->executeUpdate($sql);
    $user_id   =  $db->lastInsertId();
    self::autoFriends($user_id);
    self::sentMessage($user_id,$username);
    insertStatusNow($user_id,"user");
    $nameOfImage    = time()."_".basename($files['userAvatar']['name']);
    $path           = USER_IMAGE_UPLOAD_PATH.$nameOfImage;
    if(move_uploaded_file($files['userAvatar']['tmp_name'], $path)){
        $sql="UPDATE `users` SET `image` = '".$nameOfImage."' WHERE `Id` =".$user_id;
        $db->executeUpdate($sql);
        if(isset($arr['promotion']) && $arr['promotion'] == "promotion_yes"){
            self::notificationSubmit($user_id,$email);
        }
    }
    return $user_id;
}

    Furthermore, I saw that you handled errors by redirecting the user to the registration page using JavaScrip (not even using the PHP header() function). This isn't very elegant, and the user won't know what they did wrong, so I suggest you return an error message from the function instead, which is then echoed on the registration page

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

  • 大数据 背景图 或js代码实现 大数据
    2015-07-06 14:40
    回答 4 已采纳 不知道你说的jss和动态大图是什么。 是热力图么?参考:http://www.jq22.com/jquery-info544 或者是扇形图么?http://www.thebigdata.cn/Ji
  • 大数据一元线性回归代码提示错误 python
    2022-10-13 12:26
    回答 1 已采纳 datetools好像已经弃用了 要么用别的 要么降版本
  • 华为认证大数据工程师 大数据
    2022-03-29 22:18
    回答 3 已采纳 如果家里条件允许的话可以考虑一下,华为认证社会认可度还是蛮高的
  • 大数据存储基石——HDFS
    2022-07-27 18:16
    小光芒的博客 42fd-9c36-b5bdc4b8147&title=&width=1223) Client:客户端 上传文件到HDFS时,客户端负责将文件切分为block,然后进行上传 请求与NameNode的交互,获取文件位置等元数据信息 读取或写入文件,与NameNode交互 使用...
  • Java建议转大数据吗本科 etl工程师 大数据 数据库开发
    2022-07-02 22:58
    回答 2 已采纳 你所搜的岗位都有,但是每个岗位的工作内容有很大的区别比如大数据开发工程师,这是一个比较宽泛的定义,没有具体到岗位职责,可以是etl工程师,也可以是大数据平台开发,也可以是大数据实时开发,也有大数据运维
  • java后端转大数据怎么样 java 大数据
    2022-06-17 21:25
    回答 1 已采纳 前端和云原生也不错
  • 转行大数据要学什么框架 大数据
    2022-07-09 09:51
    回答 1 已采纳 学flink和hadoop把,我最近也在学,同学加油
  • 大数据开发学习笔记
    2023-02-12 13:46
    漩涡脆波波的博客 大数据开发有两种 , 一种需要编写Spark、Hadoop的应用程序 , 另一种需要开发大数据处理系统本身 。 大数据开发工程师的职责是负责公司大数据平台的开发和维护、网络日志大数据分析、实时计算和流式计算等技术的...
  • python大数据整理 python 大数据
    2023-01-30 19:57
    回答 2 已采纳 如果数据是按照天来统计的,可以参考以下步骤: 利用 pandas 读取每天的数据并将其合并到一个大的 DataFrame 里面在 DataFrame 里面根据日期列创建一个新的日期列,用来储存日期的月
  • 在Linux 怎么打代码,最好有图片 大数据
    2021-10-30 23:36
    回答 1 已采纳 ls /root >> list 添加sudo是没有权限,切换到root用户。“>>” 就是输出到指定文件
  • 大数据、Hadoop hadoop 大数据
    2022-12-19 16:44
    回答 1 已采纳 format只需要对NameNode做,如果你在node3做了也没关系,删除node3上的、hdfs-site.xml中配置的NameNode对应的目录即可,然后在node1上也删除相同的目录后,重新
  • ACP大数据
    2021-12-15 21:51
    丿SeeYouAgain的博客 本文总结阿里云大数据ACP考试相关试题,仅供参考!如有纰漏,还望指出! 1.在阿里云流计算中,一个用户作业在运行期间随着数据量的突增提升了其作业CPU使用率,这将会影响到其他用户作业的CPU 使用情况( ) B A.正确 B...
  • 数据仓库 大数据 apachhive hive 大数据 数据仓库
    2023-02-24 15:51
    回答 1 已采纳 是的,Apache Hive的分层就是指把不同维度的数据抽取出来,并根据不同的维度进行分类存放。通过这种方式,可以更好的管理数据,便于后续的查询和分析处理。
  • 教育大数据总体解决方案(1)
    2023-04-10 15:28
    FRDATA1550333的博客 1.3大数据驱动教育信息化发展 1.4政策指导大数据推动教育变革 1.5教育大数据应用生态服务教育现代化 二、 建设需求 2.1地区教育系统亟待进行信息共享、系统融合 2.2新型教学环境需要创新的教学内容和方法 ...
  • 大数据开发基础课
    2022-07-13 15:53
    办公模板库 素材蛙的博客 模块一:大数据简介03 | 为了追赶当下趋势,我们要做什么思想准备?模块三:大数据开发06 | 精准溯源:大数据中的数据到底是从哪儿来的?07 | 专为解决大数据存储问题而产生的 HDFS08 | HBase 和 Hive 你能分清楚吗...
  • 没有解决我的问题, 去提问

悬赏问题

  • ¥15 linux驱动,linux应用,多线程
  • ¥20 我要一个分身加定位两个功能的安卓app
  • ¥15 基于FOC驱动器,如何实现卡丁车下坡无阻力的遛坡的效果
  • ¥15 IAR程序莫名变量多重定义
  • ¥15 (标签-UDP|关键词-client)
  • ¥15 关于库卡officelite无法与虚拟机通讯的问题
  • ¥15 目标检测项目无法读取视频
  • ¥15 GEO datasets中基因芯片数据仅仅提供了normalized signal如何进行差异分析
  • ¥100 求采集电商背景音乐的方法
  • ¥15 数学建模竞赛求指导帮助