1
00:00:00,530 --> 00:00:05,450
Right now we set up our single item array function to accept an ID as an attribute.

2
00:00:05,450 --> 00:00:11,110
This ID is going to come from the query string in our browser.

3
00:00:11,110 --> 00:00:15,204
If someone visits details.php?id=1, our code

4
00:00:15,204 --> 00:00:20,050
passes the one to the single item array function.

5
00:00:20,050 --> 00:00:23,950
The function then uses this one to query the database.

6
00:00:23,950 --> 00:00:30,730
If someone visits details.php?id=2, then it should use two in the query.

7
00:00:30,730 --> 00:00:33,640
But what if someone types this into the web address?

8
00:00:34,890 --> 00:00:37,720
Think for a minute about what that might do.

9
00:00:38,770 --> 00:00:43,090
What if that whole string got inserted into our simple select query

10
00:00:43,090 --> 00:00:45,100
before it was executed?

11
00:00:45,100 --> 00:00:48,390
The query would look like this, with a semicolon

12
00:00:48,390 --> 00:00:50,768
that comes between these two queries:

13
00:00:50,768 --> 00:00:54,990
one to retrieve the item information and one to drop the entire media table.

14
00:00:56,280 --> 00:00:59,010
If those two queries get executed,

15
00:00:59,010 --> 00:01:03,090
it would remove the entire media table from our database.

16
00:01:03,090 --> 00:01:07,100
This is the kind of thing that malicious hackers try to do to websites

17
00:01:07,100 --> 00:01:08,570
all the time.

18
00:01:08,570 --> 00:01:13,105
This kind of attack is called a SQL injection because another query,

19
00:01:13,105 --> 00:01:17,180
one you never intended to run, would be injected into your code.

20
00:01:18,230 --> 00:01:23,400
When dealing with values from outside your code, you often hear these two rules:

21
00:01:23,400 --> 00:01:25,980
filter input, escape output.

22
00:01:25,980 --> 00:01:28,030
We've looked at both of these before,

23
00:01:28,030 --> 00:01:31,580
and you can see them being used in our suggest form.
24
00:01:31,580 --> 00:01:35,460
This is a perfect example of when you would want to filter input,

25
00:01:35,460 --> 00:01:38,780
to make sure that you're not getting bad or harmful data.

26
00:01:39,850 --> 00:01:42,030
I would filter this in two places:

27
00:01:42,030 --> 00:01:46,398
both when we receive the user data and also when we query our database.

28
00:01:46,398 --> 00:01:50,760
Open details.php.

29
00:01:51,775 --> 00:01:56,935
Our code takes a value for id from the query string using a GET variable

30
00:01:56,935 --> 00:01:59,055
and puts it into a variable named id.

31
00:02:00,115 --> 00:02:02,145
This value would be considered input,

32
00:02:02,145 --> 00:02:04,975
since it comes from somewhere outside our code.

33
00:02:04,975 --> 00:02:07,905
Right now our id should always be an integer.

34
00:02:09,210 --> 00:02:11,120
For a SQL injection to work here,

35
00:02:11,120 --> 00:02:14,520
the specified id would have to be something other than an integer.

36
00:02:15,520 --> 00:02:18,700
Let's use our filter_input function like we do for the suggest form.

37
00:02:19,780 --> 00:02:26,459
This time we'll use INPUT_GET as our type and id as our name.

38
00:02:29,441 --> 00:02:34,501
Finally, since our id should always be an integer,

39
00:02:34,501 --> 00:02:40,260
we're going to use FILTER_SANITIZE_NUMBER_INT.

40
00:02:41,730 --> 00:02:45,350
You might also hear this process called sanitizing input,

41
00:02:45,350 --> 00:02:48,810
because you are removing any harmful material from the input

42
00:02:48,810 --> 00:02:52,310
and making sure that only clean, sanitized input comes through.

43
00:02:53,500 --> 00:02:57,580
It's good practice to sanitize the input immediately after you receive it.

44
00:02:57,580 --> 00:03:00,790
In this case we get the value from the query string and

45
00:03:00,790 --> 00:03:02,940
sanitize it in the same line of code.
46
00:03:04,330 --> 00:03:07,662
Let's move the call to our single_item_array from our functions page

47
00:03:07,662 --> 00:03:08,763
into our details page.

48
00:03:13,181 --> 00:03:18,340
We'll remove this var_dump as well.

49
00:03:18,340 --> 00:03:19,727
We want to replace our if statement.

50
00:03:23,361 --> 00:03:28,040
We'll replace the static id of one with our variable, id.

51
00:03:28,040 --> 00:03:33,430
Then we'll assign the single item array to our item variable.

52
00:03:33,430 --> 00:03:35,220
We still want to see our item array,

53
00:03:35,220 --> 00:03:37,275
so let's add a var_dump on the next line.

54
00:03:41,520 --> 00:03:44,553
Since we're now calling a function that will pull the data it needs,

55
00:03:44,553 --> 00:03:47,390
let's remove the creation of the catalog array from this page.

56
00:03:53,080 --> 00:03:54,600
We still see our notices,

57
00:03:54,600 --> 00:03:56,560
and now we see a different item.

58
00:03:56,560 --> 00:04:02,110
That's because our full catalog array function auto-assigns array keys.

59
00:04:02,110 --> 00:04:04,580
Then when we try to pull that key from the database,

60
00:04:04,580 --> 00:04:07,550
it doesn't match up with the media ID.

61
00:04:07,550 --> 00:04:10,430
Let's change our functions to use our media ID.

62
00:04:10,430 --> 00:04:15,900
Back in functions.php, we need to change the select in our full catalog array.

63
00:04:18,460 --> 00:04:22,400
We're going to add media_id.

64
00:04:22,400 --> 00:04:25,330
We then need to change our get_item_html function.

65
00:04:30,300 --> 00:04:37,344
Instead of using the id from the array key, we use our item media_id.

66
00:04:39,730 --> 00:04:40,820
Now let's go back to our browser.

67
00:04:41,940 --> 00:04:46,070
We'll hit our back button and refresh the page.

68
00:04:46,070 --> 00:04:47,880
Then we'll click on our Seven Habits book again.

69
00:04:49,130 --> 00:04:54,070
This time our ID is sixteen, which matches up with the media ID in the database.
70
00:04:55,470 --> 00:04:57,360
We haven't fixed everything yet,

71
00:04:57,360 --> 00:05:02,690
but our controller code now sanitizes the input it receives from the web address and

72
00:05:02,690 --> 00:05:05,190
passes that value to our function.

73
00:05:05,190 --> 00:05:09,044
We've also modified our function to use the media id.

74
00:05:09,044 --> 00:05:14,680
The other place we want to sanitize or filter input is in the function itself.

75
00:05:14,680 --> 00:05:17,470
We will use another method of the PDO class

76
00:05:17,470 --> 00:05:20,580
to make sure that our query is not subject to a SQL injection.