laravel - 通过 laravel 基本认证的代码
问题描述
好的,所以我的应用程序已经完成了一半,我注意到我可以将代码传递到我的数据库中。例如,我使用标准的 laravel 身份验证,如果我输入 eg<?php die(); ?>
而不是名字,它会通过右槽并进入数据库。我现在很困惑,我认为 laravel 会处理这些事情,这就是我选择这个框架的原因之一。这是我最后的手段,我一直在 laravel 文档和整个网络上搜索有关此的内容,但一无所获。
注册控制器:
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use App\User;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
class RegisterController extends Controller
{
/*
|--------------------------------------------------------------------------
| Register Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users as well as their
| validation and creation. By default this controller uses a trait to
| provide this functionality without requiring any additional code.
|
*/
use RegistersUsers;
/**
* Where to redirect users after registration.
*
* @var string
*/
protected $redirectTo = RouteServiceProvider::HOME;
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest');
}
/**
* Get a validator for an incoming registration request.
*
* @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'role' => ['required', 'string', 'max:100'],
'gendre' => ['required', 'string', 'max:100'],
'firstname' => ['required', 'string', 'max:100'],
'lastname' => ['required', 'string', 'max:100'],
'country' => ['required', 'string', 'max:100'],
'company' => ['required', 'string', 'max:100'],
'phone' => ['required', 'string', 'max:15'],
'email' => ['required', 'string', 'email', 'max:100', 'unique:users'],
'password' => ['required', 'string', 'min:8', 'confirmed'],
]);
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return \App\User
*/
protected function create(array $data)
{
return User::create([
'role' => $data['role'],
'gendre'=>$data['gendre'],
'firstname' => $data['firstname'],
'lastname' => $data['lastname'],
'country' => $data['country'],
'company' => $data['company'],
'phone' => $data['phone'],
'email' => $data['email'],
'password' => Hash::make($data['password']),
]);
}
}
用户型号:
<?php
namespace App;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
class User extends Authenticatable implements MustVerifyEmail
{
use Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'firstname', 'lastname' , 'email','password', 'company', 'phone','country','role','gendre'
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
我只是对 laravel 已经提供的东西做了一些小的改动,没什么特别的。
和迁移:
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class CreateUsersTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('users', function (Blueprint $table) {
$table->id();
$table->string('role');
$table->string('gendre');
$table->string('firstname');
$table->string('lastname');
$table->string('country');
$table->string('company');
$table->string('phone');
$table->string('email')->unique();
$table->timestamp('email_verified_at')->nullable();
$table->string('password');
$table->rememberToken();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('users');
}
}
解决方案
我认为这里可能会发生一些混乱!
SQL 注入攻击
Laravel 框架使用诸如准备好的语句之类的东西来防止 SQL 注入攻击。停止之类的东西
"; DELETE FROM `users`"
在插入表单请求提供的数据时附加到数据库查询中。
转义渲染字符
默认情况下,尝试将内容渲染到刀片模板中也将被转义,除非您明确告知其他情况
# $php_code = "<?php die(); ?>"
{{ $php_code }}
这将呈现为“”字符串。
# $php_code = "<?php die(); ?>"
{!! $php_code !!}
这将呈现 php 并停止脚本运行
TLDR;
输入是“ <?php die(); ?>
”的事实很好,只要它被视为一个字符串。归根结底,它只是一串有效字符
推荐阅读
- python - 如何将 json 中的索引转换为 int?
- sql - SQL 如何正确创建汇总表?
- laravel-5 - Laravel 5 获取响应头
- java - 终止线程的更复杂的方法(守护线程或 Thread.interrupt())
- node.js - 使用 NodeJs Express Web 框架在 Rest API 中使用 AWS Secrets Manager 进行密码轮换的最佳实践
- c++ - 如何将对象插入地图以使地图获得所有权?安置?
- react-native - 使用 axios 反应本机 - 使用自签名 https 端点调用 localhost 的网络错误
- json - 使用 Swift 解码器协议解码 JSON 时遇到问题
- python - 将所有 xarray 数据集值替换为常量
- reactjs - 如何将状态数据从自定义钩子传递到反应组件?