Handling new user requests from a Swift client
Problem
I am starting to play with POST requests to save in my server the user token so I can send push notifications in Swift (this is the Swift code). This is the PHP file that processes the request (please note that I will improve it using prepared statements to prevent SQL injection):
```
<?php
// Map an HTTP status code to its reason phrase
function getStatusCodeMessage($status) {
    $codes = array(
        100 => 'Continue',
        101 => 'Switching Protocols',
        200 => 'OK',
        201 => 'Created',
        202 => 'Accepted',
        203 => 'Non-Authoritative Information',
        204 => 'No Content',
        205 => 'Reset Content',
        206 => 'Partial Content',
        300 => 'Multiple Choices',
        301 => 'Moved Permanently',
        302 => 'Found',
        303 => 'See Other',
        304 => 'Not Modified',
        305 => 'Use Proxy',
        306 => '(Unused)',
        307 => 'Temporary Redirect',
        400 => 'Bad Request',
        401 => 'Unauthorized',
        402 => 'Payment Required',
        403 => 'Forbidden',
        404 => 'Not Found',
        405 => 'Method Not Allowed',
        406 => 'Not Acceptable',
        407 => 'Proxy Authentication Required',
        408 => 'Request Timeout',
        409 => 'Conflict',
        410 => 'Gone',
        411 => 'Length Required',
        412 => 'Precondition Failed',
        413 => 'Request Entity Too Large',
        414 => 'Request-URI Too Long',
        415 => 'Unsupported Media Type',
        416 => 'Requested Range Not Satisfiable',
        417 => 'Expectation Failed',
        500 => 'Internal Server Error',
        501 => 'Not Implemented',
        502 => 'Bad Gateway',
        503 => 'Service Unavailable',
        504 => 'Gateway Timeout',
        505 => 'HTTP Version Not Supported'
    );
    return (isset($codes[$status])) ? $codes[$status] : '';
}

// Helper method to send a HTTP response code/message
function sendAPIResponse($status = 200, $body = '', $content_type = 'text/html') {
    $status_header = 'HTTP/1.1 ' . $status . ' ' . getStatusCodeMessage($status);
    header($status_header);
    header('Content-type: ' . $content_type);
    echo $body;
}
```
Solution
> If somebody gets the correct address http://www.myServer.com/api/v1.0/saveToken.php, would he be capable to send a post request adding fake users and token ids?

Sure, why wouldn't an attacker be able to do that?

You can test this yourself, either by writing a short script, or using a plugin such as Tamper Data for Firefox. Or, as you are using `REQUEST` instead of `POST`, just pass the values as GET.

So if you want to avoid this, you need some kind of authentication mechanism (and you obviously need to fix the SQL injection).

Other than the use of `mysql_`, which is deprecated for a long time, and the SQL injection, your PHP code looks good. I would probably move some of the code to its own function (such as addUser, selectUser, addToken, etc.) to make it even easier to read. And instead of setting the header and status message yourself you could use `http_response_code`.

Context
StackExchange Code Review Q#86601, answer score: 3
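The hardening the answer asks for, as an added example written for this page (not the question's or the answer's code): a rewritten saveToken handler that accepts only POST (so values passed on the query string, as `REQUEST` would accept, are rejected), requires a bearer token the app must present, validates the device token before it goes near the database, stores it with a PDO prepared statement instead of `mysql_`, and uses `http_response_code` as the answer suggests. The table name `device_tokens`, its columns, the `Authorization: Bearer` scheme, the `API_SECRET` environment variable and the MySQL DSN are assumptions, not from the page; the CLI self-check runs against an in-memory SQLite database with constructed sample requests.

```php
<?php
// Added example, not the code from the question or the answer.
// Assumed schema: device_tokens(user_id INTEGER, token TEXT).
declare(strict_types=1);

// Decide the response for one request. Takes the request data and a PDO handle
// and returns [status, body], so it can be exercised without sending headers.
function handleSaveToken(array $server, array $post, PDO $db, string $apiSecret): array
{
    // 1. Only POST: a GET with the same values on the query string is refused.
    if (($server['REQUEST_METHOD'] ?? '') !== 'POST') {
        return [405, 'Method Not Allowed'];
    }

    // 2. Authentication: constant-time comparison of the presented bearer token
    //    against the configured secret (assumed scheme, see lead-in).
    $auth = $server['HTTP_AUTHORIZATION'] ?? '';
    if (!preg_match('/^Bearer\s+(\S+)$/', $auth, $m) || !hash_equals($apiSecret, $m[1])) {
        return [401, 'Unauthorized'];
    }

    // 3. Input validation: an APNs device token is 32 bytes, i.e. 64 hex characters.
    $userId = $post['user_id'] ?? '';
    $token  = strtolower($post['token'] ?? '');
    if (!ctype_digit($userId) || !preg_match('/^[0-9a-f]{64}$/', $token)) {
        return [400, 'Bad Request'];
    }

    // 4. Prepared statement: the values are bound, never concatenated into the SQL.
    $stmt = $db->prepare('INSERT INTO device_tokens (user_id, token) VALUES (:user_id, :token)');
    $stmt->execute([':user_id' => (int) $userId, ':token' => $token]);

    return [201, 'Created'];
}

// http_response_code() writes the status line, so no hand-built reason phrase table is needed.
function sendResponse(int $status, string $body): void
{
    http_response_code($status);
    header('Content-Type: text/plain');
    echo $body;
}

if (PHP_SAPI === 'cli') {
    // Self-check with constructed requests against an in-memory SQLite table.
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE device_tokens (user_id INTEGER, token TEXT)');
    $secret    = 'example-secret-replace-me';          // placeholder value
    $goodToken = str_repeat('ab', 32);                  // constructed 64-hex token
    $authed    = ['REQUEST_METHOD' => 'POST', 'HTTP_AUTHORIZATION' => "Bearer $secret"];

    $cases = [
        // GET with valid values: rejected by the method check alone
        [['REQUEST_METHOD' => 'GET', 'HTTP_AUTHORIZATION' => "Bearer $secret"], ['user_id' => '1', 'token' => $goodToken], 405],
        // POST without credentials
        [['REQUEST_METHOD' => 'POST'], ['user_id' => '1', 'token' => $goodToken], 401],
        // authenticated, but the token is not a device token
        [$authed, ['user_id' => '1', 'token' => 'not-a-hex-token'], 400],
        // authenticated and well-formed
        [$authed, ['user_id' => '1', 'token' => $goodToken], 201],
    ];
    foreach ($cases as [$server, $post, $expected]) {
        [$status] = handleSaveToken($server, $post, $db, $secret);
        printf("%-4s %-20s => %d (expected %d)\n", $server['REQUEST_METHOD'], substr($post['token'], 0, 20), $status, $expected);
        assert($status === $expected);
    }
    $count = (int) $db->query('SELECT COUNT(*) FROM device_tokens')->fetchColumn();
    echo "rows stored: $count\n";
} else {
    // Web entry point; DSN and credentials are placeholders to be replaced.
    $db = new PDO('mysql:host=localhost;dbname=pushdb;charset=utf8mb4', 'dbuser', 'dbpass',
                  [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
    [$status, $body] = handleSaveToken($_SERVER, $_POST, $db, getenv('API_SECRET') ?: '');
    sendResponse($status, $body);
}
```

Run it with `php saveToken.php` to see the four cases decided; only the last one stores a row. Two caveats when deploying it: under PHP as CGI or FPM the `Authorization` header is not always copied into `$_SERVER['HTTP_AUTHORIZATION']` and may need a web-server rewrite rule, and a single secret compiled into the app only raises the bar, since it can be recovered from the binary; a per-user token issued by a real login step is the mechanism the answer is pointing at.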