The wrapper name is completely irrelevant as it's only a PHP wrapper. I could name it $CUNT, $FUCKER or $I_CONTAIN_UNSANITIZED_CODE and it makes not a jot of difference; however, the code I deploy within my wrapper does. As firefly already mentioned, if I don't sanitize output from the db to the screen, or if I don't protect SQL queries, then I'm in trouble. This shit is child's play; I've been advising people of its importance and how to do it for years on TBdev =]
Below is great; I could inject for fun and pwn any db using it.
PHP Code:
sql_query("UPDATE users SET seedbonus = seedbonus - {$INSTALLER09['bonus_per_delete']} WHERE id = {$q['owner']}") or sqlerr(__FILE__, __LINE__);
sqlesc applied to the query stops any injection, period.
PHP Code:
sql_query("UPDATE users SET seedbonus = seedbonus-".sqlesc($INSTALLER09['bonus_per_delete'])." WHERE id = " . sqlesc($q["owner"])) or sqlerr(__FILE__, __LINE__);
No htmlspecialchars on output means I can deploy an XSS attack with ease, and you won't have a clue it's been deployed, and I'll have you redirected to some other server.
So sanitize any output before printing it to the screen.
PHP Code:
$HTMLOUT.= "<tr>
<td align='right'><font color='red'> * </font><b> {$lang['edit_comment']}</b></td>
<td>
<select name='allow_comments'>
<option value='" . $row["allow_comments"]. "'>" .$row["allow_comments"]. "</option>
<option value='yes'>Yes</option><option value='no'>No</option></select>{$messc}</td></tr>\n";
At a minimum
PHP Code:
$HTMLOUT.= "<tr>
<td align='right'><font color='red'> * </font><b> {$lang['edit_comment']}</b></td>
<td>
<select name='allow_comments'>
<option value='" . htmlsafechars($row["allow_comments"]) . "'>" . htmlsafechars($row["allow_comments"]) . "</option>
<option value='yes'>Yes</option><option value='no'>No</option></select>{$messc}</td></tr>\n";
I'm not naive; security is taken seriously on U-232 and I ain't no mug that doesn't understand its usage or its importance. Sure, I'll have missed the odd one out of thousands, but in general U-232 is tight. And that's not foolproof: experienced operators will gain access if they try hard enough, and there are plenty out there trying on a daily basis =]
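An added, stand-alone illustration of both points in the post above (this is example code written for this page, not U-232's or TBdev's own; sqlesc() and htmlsafechars() below are stand-ins for the tracker's helpers, and the attacker-controlled values are constructed). It runs against an in-memory SQLite database with the pdo_sqlite extension and shows the unescaped query eating every row's bonus, the escaped and the parameterised versions refusing the same payload, and the single quote that breaks out of the value='...' attribute:

```php
<?php
// Added example, not code from the post or from U-232/TBdev. It reproduces the two
// bugs the post describes (unescaped value interpolated into SQL, unescaped value
// echoed into an HTML attribute) against an in-memory SQLite database so it runs
// stand-alone with the pdo_sqlite extension. sqlesc() and htmlsafechars() here are
// illustrative stand-ins for the tracker's helpers, not the real implementations.
declare(strict_types=1);

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, seedbonus REAL, allow_comments TEXT)');
$pdo->exec("INSERT INTO users VALUES (1, 100, 'yes'), (2, 100, 'yes')");

// Constructed attacker-controlled value standing in for $q['owner'], e.g. a request
// parameter that was never validated as an integer.
$owner = '1 OR 1=1';

function bonuses(PDO $pdo): array {
    return $pdo->query('SELECT id, seedbonus FROM users ORDER BY id')->fetchAll(PDO::FETCH_KEY_PAIR);
}

// 1. Vulnerable, as in the first snippet: the value is dropped into the SQL text, so
//    "WHERE id = 1 OR 1=1" is true for every row and everyone loses 5 bonus points.
$pdo->exec("UPDATE users SET seedbonus = seedbonus - 5 WHERE id = $owner");
print_r(bonuses($pdo));   // both rows are now 95

// 2. Escaped and quoted, the shape of the sqlesc() fix. PDO::quote() turns the value
//    into the single string literal '1 OR 1=1'; it is no longer SQL, just a value
//    compared against id, and the tautology is gone.
function sqlesc(PDO $pdo, $value): string {
    return $pdo->quote((string) $value);
}
$pdo->exec('UPDATE users SET seedbonus = seedbonus - 5 WHERE id = ' . sqlesc($pdo, $owner));
print_r(bonuses($pdo));   // unchanged: SQLite will not coerce '1 OR 1=1' to a number

// 3. Prepared statement with bound parameters: query text and data travel separately,
//    so there is nothing to escape and no string-building to get wrong.
$stmt = $pdo->prepare('UPDATE users SET seedbonus = seedbonus - :bonus WHERE id = :id');
$stmt->execute([':bonus' => 5, ':id' => $owner]);
print_r(bonuses($pdo));   // still unchanged

// --- Output side: the <option value='...'> from the post ---

function htmlsafechars(string $s): string {
    // ENT_QUOTES matters: the post's markup uses single-quoted attributes, and
    // htmlspecialchars() before PHP 8.1 leaves ' alone by default.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Constructed value that a user managed to get stored in allow_comments.
$allowComments = "'><script>location='http://attacker.example/'</script><option value='";

// Vulnerable: the stored ' closes the attribute and the script runs, redirecting the
// viewer to another server exactly as the post warns.
echo "<option value='" . $allowComments . "'>" . $allowComments . "</option>\n";

// Fixed: every ' " < > & becomes an entity; the browser shows the text and runs nothing.
echo "<option value='" . htmlsafechars($allowComments) . "'>" . htmlsafechars($allowComments) . "</option>\n";
```

The escaped form only works because the value ends up inside quotes; an escaping helper that returns the raw string for a bare numeric context would leave `WHERE id = 1 OR 1=1` intact, which is why the bound-parameter version is the safer default.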