Everything works fine, but I created a comment deletion page where a user can check their past comments check mark them and hit delete to delete them. This worked fine but I programmed it to only bring up the comments they posted via their username and then I set them to delete on the action php script via that comments unique incremental ID as well; BIG MISTAKE!!
I forgot to use and to compare the current user in session AND check the comment ID instead I just deleted comments based on the comment ID and not the comment ID and the poster i.e. user.
So I tried it I fired up XAMMP and starting throwing PHP $_POST actions from my own machine 127.0.0.1 at the remote PHP action script hosted on my site by go daddy and since there was no checking of the user someone could simply delete ANY comment from the table by POSTING a any comment ID they wanted...If I left this alone I'd soon get my own comment moderator and I might not even know it(Oh Great!).
I'm not quite used to web programming based stuff yet and this just came to me tonight. Nobody exploited this vulnerability but it scares the crap out of me. I really never thought about users posting their own malicious stuff out of the bounds of what I thought they can do.
So I know a lot of you are like this guys an idiot but I'm learning. I know about SQL injection but what the heck is it called when someone sends MALICIOUS POSTS to an action php script?
The last part of my question is what can I do besides (pay more attention to checks and bounds of a MYSQL commands) to keep this kind of scary crap from happening? I'm scared!!
This post has been edited by adn258: 03 October 2012 - 02:11 AM