In your opinion, how could this example code snippet compromise overall server and site specific security:

<?php

            $conexion = mysql_connect("host","user","pass");
            mysql_select_db("bbdd", $conexion);

            $query = mysql_query("SELECT  comment_author, comment_author_url, count(comment_author_url) as c FROM wp_comments where comment_author_url<>'' group by comment_author_url order by count(comment_author_url) desc", $conexion);
            echo "<ol>";
            while ($row = mysql_fetch_array($query)) 
            {
              if ((strlen($row["comment_author_url"])>8) and ($row["comment_author_url"]<>"http://www.tudominio.com"))
              {             
                 echo "<li><strong>".$row["comment_author"]."</strong>  &nbsp; <font color='#666666' size='-2'>".$row["c"]." comments</font><br />[<a href='".$row["comment_author_url"]."' target='_blank'>".$row["comment_author_url"]."</a>]<br /><br /></li>";
                 }

               }
            echo "</ol>";   

            ?>

2 answers

1
point

Only if that file is accessible without being executed. Assuming that there is no way for an attacker to read out the file, then things should be fine.

Answered over 7 years ago by Rich Bradshaw
1
point

I'm going to echo Rich. As long as you're sure the file will never be displayed as plaintext and will only be processed by PHP, then you should be fine. Though, best-practices dictate you should have the information stored in a configuration file that is outside the scope of your web root.

Answered over 7 years ago by Nathan DeGruchy