# php -r '$a=array("1"=>1);var_dump($a[1]);'
int(1)
# php -r '$a=array("1a"=>1);var_dump($a);'
array(1) {
["1a"]=>
int(1)
}
# php -r '$a=array("0x1a"=>1);var_dump($a);'
array(1) {
["0x1a"]=>
int(1)
}
# php -r '$a=array(0x1a=>1);var_dump($a);'
array(1) {
[26]=>
int(1)
}
# php -r '$a=array(""=>1);var_dump($a);'
array(1) {
[""]=>
int(1)
}
# php -r '$a=array(false=>1);var_dump($a);'
array(1) {
[0]=>
int(1)
}
# php -r '$a=array(true=>1);var_dump($a);'
array(1) {
[1]=>
int(1)
}
# php -r '$a=array(1.1=>1);var_dump($a);'
array(1) {
[1]=>
int(1)
}
# php -r '$a=array("1.1"=>1);var_dump($a);'
array(1) {
["1.1"]=>
int(1)
}
# php -r '$a=array("01"=>1);var_dump($a);'
array(1) {
["01"]=>
int(1)
}
# php -r '$a=array(-1=>1);var_dump($a);'
array(1) {
[-1]=>
int(1)
}
# php -r '$a=array("-1"=>1);var_dump($a);'
array(1) {
[-1]=>
int(1)
}
# php -r '$a=array("+1"=>1);var_dump($a);'
array(1) {
["+1"]=>
int(1)
}
// Cache the module object under its numeric id. NOTE(review): this is a
// reference assignment (=&), so the cache slot is bound to the variable
// $module itself; if $module is reassigned later (e.g. in a loop) the
// cached entry changes with it — confirm that aliasing is intended.
$_cachedModule_mid[intval($module->getVar('mid'))] =& $module;
When moving a site, as PEAK XOOPS did, we should return 301 instead of 302.
Note that PHP's header("Location: ...") sends a 302 status unless you also send a 301 status explicitly.
I've just fixed this
DocumentRoot
-- xoops_redirect.php
-- xoops/
---- .htaccess
---- index.html (dummy)
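<?php
// Permanent redirect from the old /xoops/ tree to the new host.
// Apache routes every request below /xoops/ to this script (ForceType +
// Action), so REQUEST_URI starts with "/xoops"; strip that prefix and keep
// the remaining path and query string.
$uri = (string) substr( $_SERVER['REQUEST_URI'] , 6 ) ;
// Drop CR/LF so a crafted request cannot inject additional headers, and
// refuse anything that does not start with "/" so the Location header can
// only ever point at our own host.
$uri = strtr( $uri , array( "\n" => '' , "\r" => '' ) ) ;
if( $uri === '' || $uri[0] !== '/' ) {
    $uri = '/' ;
}
// Passing the status code with the Location header replaces PHP's default
// 302 with a 301, using the protocol version of the incoming request.
header( "Location: http://xoops.peak.ne.jp".$uri , true , 301 ) ;
exit ;
?>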
ForceType xoops_redirect
Action xoops_redirect /xoops_redirect.php
This is the last chapter of BigUmbrella.
The code in (3) has two points that should be discussed.
- Is the check pattern OK?
preg_match( '/[<\'"].{15}/s' , $val , $regs )
The simple pattern of BigUmbrella has 3 problems.
(A) The XSS check should only be applied to responses with "Content-Type: text/html".
(B) ob_start() will increase the server's load when PHP transfers a huge file, because the whole response is buffered before the callback sees it.
(C) Preview pages where HTML input is allowed (the echoed HTML legitimately matches the check).
For (B), you should disable the output-buffer filter manually:
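// Remove every active output buffer so a large response streams straight
// to the client. ob_end_clean() returns false for a buffer that cannot be
// removed; stop then instead of spinning forever on the same level.
while( ob_get_level() > 0 ) {
    if( ! ob_end_clean() ) {
        break ;
    }
}
// Tell BigUmbrella not to install its own output callback for this request.
define( 'BIGUMBRELLA_DISABLED' , true ) ;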
This is the simple pattern of "Big Umbrella anti-XSS system".
(1) make a file.
e.g. /usr/local/lib/php/bigumbrella.php
<?php
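// Scan one request value. Arrays (e.g. foo[]=... parameters) are walked
// recursively; the original code passed them straight to preg_match, which
// is a warning on PHP 7 and a TypeError on PHP 8. Any fragment that starts
// with "<", "'" or '"' and is followed by 15 more characters is remembered.
function bigumbrella_checkvalue( $val ) {
    if( is_array( $val ) ) {
        foreach( $val as $v ) {
            bigumbrella_checkvalue( $v ) ;
        }
        return ;
    }
    if( preg_match( '/[<\'"].{15}/s' , (string) $val , $regs ) ) {
        $GLOBALS['bigumbrella_doubtfuls'][] = $regs[0] ;
    }
}

// Collect suspicious fragments from every request parameter and, if any
// were found, install bigumbrella_outputcheck() as the output-buffer
// callback so the rendered page can be checked for them.
function bigumbrella_init() {
    foreach( $_REQUEST as $key => $val ) {
        bigumbrella_checkvalue( $val ) ;
    }
    if( ! empty( $GLOBALS['bigumbrella_doubtfuls'] ) ) {
        ob_start( 'bigumbrella_outputcheck' ) ;
    }
}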
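// Output-buffer callback: $s is the whole buffered response. Returns $s
// unchanged when none of the recorded request fragments appears in it;
// otherwise the page is replaced by a short message. A missing or
// non-array state variable is treated as tampering and also blocks output.
function bigumbrella_outputcheck( $s ) {
    // Explicit isset() instead of @-suppressed access, so real notices
    // elsewhere in the callback are not hidden.
    if( ! isset( $GLOBALS['bigumbrella_doubtfuls'] ) || ! is_array( $GLOBALS['bigumbrella_doubtfuls'] ) ) {
        return "bigumbrella injection found." ;
    }
    foreach( $GLOBALS['bigumbrella_doubtfuls'] as $doubtful ) {
        // strpos() avoids building the strstr() substring just to test it.
        if( strpos( $s , $doubtful ) !== false ) {
            return "XSS found." ;
        }
    }
    return $s ;
}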
// Always start from an empty list, so bigumbrella_outputcheck() can tell
// "nothing suspicious" (empty array) apart from "state missing" (not an array).
$GLOBALS['bigumbrella_doubtfuls'] = array() ;
// Scan the request as soon as this prepended file runs.
bigumbrella_init() ;
?>
php_value auto_prepend_file /usr/local/lib/php/bigumbrella.php
auto_prepend_file = /usr/local/lib/php/bigumbrella.php