How easy is this to get past? (if “crazypassword” indeed is a crazy password)
$skey = stripslashes(strval($_REQUEST["key"]));
if ($skey == "crazypassword") {
    echo 'inside';
} else {
    echo 'not inside';
}
Just curious…
Your code itself is not bypassable. The stripslashes and strval are actually useless in this particular case because they are irrelevant to checking whether $skey equals “crazypassword”. However, security is much more than an if-check in your code.
You are using $_REQUEST, which means that users can provide the value for “key” through a POST request, a GET request, or using a cookie. If one of your users has a cookie that holds the “key” value, it can possibly be intercepted by a third party if you are vulnerable to other exploits (most notably XSS). They would then be able to read the password from the stolen cookie. Come to think of it, if you are vulnerable to XSS exploits they could also potentially steal it after your users have filled it in using a legitimate form on your site.
Generally it’s not a good idea to use $_REQUEST over the other superglobals like $_GET, $_POST and $_COOKIE, because it effectively provides more ways for an attacker trying to find vulnerabilities. There’s nothing wrong with demanding your data to be POST data if that’s what your forms send; your users shouldn’t be tampering with the way your forms send their data. If they do, then you’ve usually got an attacker on your hands trying to find ways to exploit your site, and their requests should be ignored whenever possible.
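To make the $_REQUEST point concrete, here is an added example (not code from the original post or the site) that places the original check beside a hardened variant which reads "key" from the POST body only, rejects non-string input, and compares with hash_equals(). The function names, the sample inputs and the XML_ACCESS_KEY environment variable are assumptions for illustration. Whether a cookie named "key" actually lands in $_REQUEST depends on PHP's request_order / variables_order settings; the "cookie only" sample below simulates a configuration where it does.

```php
<?php
// Added example, not from the original post. Function names and sample
// inputs are constructed for illustration.

// Original approach: $_REQUEST merges GET, POST and (depending on
// request_order) COOKIE, so any of those channels can supply "key".
function check_original(array $request): string
{
    $skey = stripslashes(strval($request['key'] ?? ''));
    return ($skey == 'crazypassword') ? 'inside' : 'not inside';
}

// Hardened variant:
//  - accept the value only from the POST body (caller passes $_POST, not $_REQUEST),
//  - require a plain string (key[]=... would otherwise arrive as an array),
//  - compare with hash_equals() so the comparison time does not depend on
//    how many leading characters match,
//  - take the expected value from configuration instead of a literal in the check.
// stripslashes() is omitted: it only mattered with the long-removed magic_quotes.
function check_hardened(array $post, string $expected): string
{
    $skey = $post['key'] ?? null;
    if (!is_string($skey)) {
        return 'not inside';
    }
    return hash_equals($expected, $skey) ? 'inside' : 'not inside';
}

// Assumption: the secret is provided through the environment; the fallback
// literal is only here so the example runs stand-alone.
$expected = getenv('XML_ACCESS_KEY') ?: 'crazypassword';

// Constructed sample requests, simulating how PHP would fill the superglobals.
$samples = [
    'POST body'   => ['post' => ['key' => 'crazypassword'], 'request' => ['key' => 'crazypassword']],
    'cookie only' => ['post' => [],                         'request' => ['key' => 'crazypassword']],
    'wrong key'   => ['post' => ['key' => 'guess'],         'request' => ['key' => 'guess']],
];

foreach ($samples as $label => $s) {
    printf(
        "%-12s original=%-11s hardened=%s\n",
        $label,
        check_original($s['request']),
        check_hardened($s['post'], $expected)
    );
}
```

Run with `php example.php`: the "POST body" sample is accepted by both versions, the "cookie only" sample is accepted only by the original (the value never reached $_POST, so the hardened check refuses it), and "wrong key" is refused by both. The hardened function is a drop-in replacement for the original if-block; only the caller changes from $_REQUEST to $_POST.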
It’s used to access an XML file. The password is static and will not be stored anywhere whatsoever, apart from in the PHP file that writes it… I guess if someone hacks the server and downloads the PHP file they can read the password, but … so be it.
Thanks for the reply, I appreciate the lengthy response.
Copyright KIRUPA 2024