Sam Houston State University Professor Min Kyung An
Assignment 5
COSC 5335 Database Security

In this assignment, you will create a web page using PHP and connect it to your database. Then, we will do an SQL injection attack on the web page. For this assignment, you have to start your Apache server and keep it running. To complete this assignment, you must submit a document with the requirements (screenshots, etc.). The writing and formatting of your document will also be graded.

This assignment was created with reference to the book "PHP and MySQL" by Andrea Tarr, and http://php.net/

1 First PHP Page

You start with a simple web page written in HTML and PHP code that looks like Figure 1.

Figure 1

Figure 2 shows the web page's source code, written in a file named index.php. The file is currently written using HTML tags only; later we will embed PHP code into the HTML code. Write the code using your editor, and save the file (index.php) in the c:\xampp\htdocs\dbclass folder.

From now on, always show your name in every web page you create by inserting it in the source code; otherwise some points will be deducted.

To open the web page you wrote, open your web browser and enter the address http://localhost/dbclass/. Then index.php in the c:\xampp\htdocs\dbclass folder will be loaded in the web browser. This is your first PHP web page.

1. Submit a screenshot showing the loaded web page.

Figure 2

2 Connecting to the Database

In this section, you will connect your web page to the database you created in previous assignments. In order to communicate with a MySQL database, you need to use PHP. What is PHP? As mentioned in Assignment 4, PHP is a scripting language that is especially suited for web development, and its code can be embedded into HTML code. PHP is an object-oriented (not "pure", though) language providing several classes and their functions (methods).
The original way to establish a connection between PHP and a MySQL database was to use a class named mysql. It has been replaced by mysqli in PHP 5. mysqli is an improved, more secure version that takes advantage of features added to newer versions of MySQL.

At this point, some students probably do not understand what an object-oriented language is, or what classes and methods are. It is strongly recommended that you self-study the basics of PHP, or at least those terms. If you still do not understand them, just follow the step-by-step instructions in this assignment.

Let's get started. First of all, you need to know the hostname of the web server (which is localhost), and the username and password of the database. You create an instance (object) of the class mysqli to establish a connection. The code in Figure 3 connects to MySQL running on localhost and uses the username root and the password 12345. (You must use your own password in the code.) The object $connect can be called anything.

Figure 3 shows that the new PHP code is embedded in the previous HTML code. When PHP parses a file, it looks for the opening and closing tags, <?php and ?>, which tell PHP to start and stop interpreting the code between them. To learn the very basic syntax of PHP, please refer to http://php.net/manual/en/language.basic-syntax.php.

Figure 3

If there is an error with the connection, the error is put in the property connect_error of the object you just created. Use an if statement to check for errors. The example in Figure 4 displays the error message if there is an error. On a production site, you should give the user a message without details, because the details could be used to hack the system. If there is no error, a success message is displayed. Remember to change the configuration information to match your setup.
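One way to follow the production-site advice above, as an added example that is not the assignment's Figure 4: the details of a failed connection go to the server log and the visitor sees only a generic message. The credentials are the placeholders from the text, and the function name open_connection is hypothetical. Since PHP 8.1 mysqli throws an exception on failure by default instead of only setting connect_error, so the example sets that mode explicitly and catches the exception.

```php
<?php
// Added example; open_connection() is a hypothetical helper name.
// Make mysqli throw mysqli_sql_exception on failure on every PHP version
// (this is the default from PHP 8.1 onward).
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function open_connection(): ?mysqli
{
    try {
        // Placeholder credentials from the text; use your own password.
        return new mysqli('localhost', 'root', '12345');
    } catch (mysqli_sql_exception $e) {
        // The detailed reason (host, user, driver message) is written to the
        // server's error log only, never to the page.
        error_log('Database connection failed: ' . $e->getMessage());
        return null;
    }
}

$connect = open_connection();

if ($connect === null) {
    // Generic message for the visitor, with a status code that tells
    // clients and monitoring that the failure is on the server side.
    http_response_code(503);
    echo 'The site is temporarily unavailable. Please try again later.';
    exit;
}

echo 'Successfully connected to the database.';
```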
Figure 4

Write the code following the instructions above, and save it as index.php in the c:\xampp\htdocs\dbclass folder. Load the web page.

2. Submit a screenshot showing the loaded web page. The web page must be successfully connected to the database and display the 'successful connection' message.

3 Selecting Data from a Table in a Database

In this section, you learn how to retrieve data from the database. The SELECT command is arguably the most common SQL command used in PHP code. It is also one of the most complex, with clauses that enable you to choose which table(s) you use, which columns are returned, what conditions must be met before a row is selected, what order to sort the data in, and whether and how to group and summarize the data. You have already learned how to use this command in previous assignments. In this assignment, you work with a single table at a time. You may want to self-study how to use multiple tables.

The database used here is an_menagerie1 under the root account. (The name of your database is different from an_menagerie1. Remember that in previous assignments you created your database, whose name is (your-last-name)_menagerie1, and the pet table in that database.)

3.1 Displaying Tables of a Database

See the code in Figure 5. The mysqli class has a method called query(). You pass it a MySQL statement and it returns an object of the mysqli_result class. You then use the properties and methods of that object to see your results. The SQL command to see a list of tables is SHOW TABLES. SQL commands are not case sensitive, but it is standard practice to capitalize them.
Assuming that $connection is your connection object, the following code executes the SHOW TABLES command and creates $result as an object based on the mysqli_result class:

    $result = mysqli_query($connection, "SHOW TABLES");

The mysqli_result class property num_rows contains the number of rows. Because $result is based on the mysqli_result class, it also has num_rows as a property.

    $count = mysqli_num_rows($result);

The mysqli_result class method fetch_array() returns the results in the form of an array for each record, which in this case is each table. The first element in the array contains the table name.

    $row = $result->fetch_array();
    echo $row[0];

This finds only the first table in the database. To get a list of all the tables, you use a while loop. The script continues to loop through the results until it reaches the end.

    while ($row = $result->fetch_array()) {
        echo $row[0] . '<br>';
    }

Figure 5

3. Submit a screenshot of MySQL Workbench or phpMyAdmin showing the tables of the an_menagerie1 database.

Write the code following the instructions above, and save it as index.php in the c:\xampp\htdocs\dbclass folder. Load the web page.

4. Submit a screenshot showing the newly loaded web page. It must successfully display all the tables of the an_menagerie1 database.

Next, create a new table named users with the following columns: userid, password, first_name, last_name, regdate, and permit. You can use MySQL Workbench or phpMyAdmin to create the table.

    create table users (
        userid varchar(16) not null primary key,
        password varchar(41) not null,
        first_name varchar(40) not null,
        last_name varchar(40) not null,
        regdate date not null,
        permit tinyint unsigned not null
    );

5. Submit a screenshot of MySQL Workbench or phpMyAdmin showing the tables of the an_menagerie1 database.

Load the web page written in index.php again.

6. Submit a screenshot showing the web page.
It must successfully display all the tables (including the new users table) of the an_menagerie1 database.

3.2 Displaying Data of a Table

Selecting data from MySQL through PHP takes the following four steps:

1. Make a connection to the database.
2. Create a safe query with the command.
3. Run the query.
4. Read the results.

The code in Figure 6 displays the data of the pet table. Please self-study the PHP syntax, if needed. Write your index.php code to display the data of the pet table as shown in the figure.

5. Submit a screenshot of MySQL Workbench or phpMyAdmin showing the data of the pet table.

Load the web page written in index.php again.

6. Submit a screenshot showing the web page. It must successfully display all the data of the pet table.

7. Submit the source code, index.php.

Figure 6

4 Inserting Data into a Table in a Database

Save the following six files in the c:\xampp\htdocs\dbclass folder: registi.php, registo.php, login.php, logout.php, db.php, layout.inc

Open db.php in your editor, and find the following statement:

    $this->db = new mysqli('localhost', 'root', 'your_pwd', 'your_menagerie1');

Change your_pwd to your password, and your_menagerie1 to your database name.

4.1 Setting Up Forms

Before you read this section, open registi.php in your editor and put your name in the code (so as not to lose credit). Load the web page by entering http://localhost/dbclass/registi.php in your web browser.
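The four steps listed in Section 3.2 (connect, create a safe query, run it, read the results), applied to the users table from Section 3.1 as an added example that is not one of the assignment's files. The function name find_user, the userid request parameter and the credentials are assumptions for illustration; the column names come from the create table statement.

```php
<?php
// Added example; find_user() and the "userid" request parameter are
// hypothetical. Column names are those of the users table in Section 3.1.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function find_user(mysqli $connect, string $userid): array
{
    // Step 2: the statement text is fixed. The value is sent separately as a
    // bound parameter, so quotes or SQL keywords in $userid stay data.
    $stmt = $connect->prepare(
        'SELECT userid, first_name, last_name, regdate FROM users WHERE userid = ?'
    );
    $stmt->bind_param('s', $userid);

    $stmt->execute();                                  // Step 3: run the query
    $stmt->bind_result($id, $first, $last, $regdate);  // Step 4: read the results

    $rows = [];
    while ($stmt->fetch()) {
        $rows[] = [$id, $first, $last, $regdate];
    }
    $stmt->close();
    return $rows;
}

try {
    // Step 1: connect (database name as used in the text; use your own).
    $connect = new mysqli('localhost', 'root', '12345', 'an_menagerie1');

    $userid = $_GET['userid'] ?? '';
    // userid is varchar(16), so anything empty or longer cannot match a row.
    $valid = is_string($userid) && $userid !== '' && strlen($userid) <= 16;
    $rows = $valid ? find_user($connect, $userid) : [];
} catch (mysqli_sql_exception $e) {
    // Details stay in the server log; the visitor gets a generic message.
    error_log('users lookup failed: ' . $e->getMessage());
    http_response_code(500);
    exit('Something went wrong. Please try again later.');
}

foreach ($rows as $row) {
    // Escape on output so stored values cannot inject markup into the page.
    echo htmlspecialchars(implode(' | ', $row), ENT_QUOTES, 'UTF-8') . '<br>';
}
```

The password column is deliberately left out of the SELECT list, since the page has no reason to read it for display.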