View Full Version : security practices



coding_begins
01-11-2012, 12:53 AM
I had a general question about security in PHP.
Suppose I have a value submitted from a form called $form that would go to the database.
What functions would be good to clean it before it goes to the database?
Suppose I want to display the $form variable in the browser; what would I use to display it to prevent JavaScript or HTML injection, other than strip_tags?

On another note, what security practices should I follow when dealing with sessions and session variables?

coding_begins
01-11-2012, 01:25 AM
A bit of information on cookies would also help.

BluePanther
01-11-2012, 01:27 AM
The main thing you want to watch out for is SQL injection. mysql_real_escape_string() will prevent that. If you want to stop people being able to post HTML, you should use things like htmlentities() etc.
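
An added example (not part of the thread) covering the two cases asked about above, storing $form and displaying it. It swaps in PDO prepared statements for mysql_real_escape_string(), because the mysql_* extension was removed in PHP 7.0, and encodes on output with htmlentities(). The table name `comments`, the helpers `saveComment()` and `e()`, the sample input and the in-memory SQLite database are assumptions chosen so the script runs offline.

```php
<?php
declare(strict_types=1);

// Constructed sample input standing in for the submitted form value.
$form = "O'Brien <script>alert(\"hi\")</script>";

// Assumption: SQLite in memory (needs pdo_sqlite) so this runs offline.
// With MySQL only the DSN and credentials change.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT NOT NULL)');

// Storing: bind the value as a parameter. The SQL text never contains
// user data, so the quote in "O'Brien" cannot end the string literal.
function saveComment(PDO $pdo, string $body): int
{
    $stmt = $pdo->prepare('INSERT INTO comments (body) VALUES (:body)');
    $stmt->execute([':body' => $body]);
    return (int) $pdo->lastInsertId();
}

// Displaying: encode at output time for the HTML context.
// ENT_QUOTES also encodes single quotes, which matters inside attributes.
function e(string $value): string
{
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$id = saveComment($pdo, $form);

$stmt = $pdo->prepare('SELECT body FROM comments WHERE id = :id');
$stmt->execute([':id' => $id]);
$stored = $stmt->fetchColumn();

// The database holds the raw text unchanged; only the output is encoded.
var_dump($stored === $form);
echo e($stored), PHP_EOL;
```

Storing the raw value and encoding only when it is written into a page keeps the data usable in other contexts (JSON, e-mail, CSV), each of which needs its own encoding.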


