Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New Coder
    Join Date
    May 2009
    Location
    Pennsylvania, United States
    Posts
    54
    Thanks
    16
    Thanked 0 Times in 0 Posts

    Post Security tips, anyone?!

    We all know that a 100% secure script is a "virtual impossibility" as the PHP manual puts it.

    I'm writing my own CMS, and need some security tips to make the script as secure as I possibly can.

    Here is what I have so far:

    1. Cleanse all data submitted through ANY form
    2. Check each page and make sure it is valid (so if someone attemted to include a malicious page, it would return an error and not run that script)
    3. MD5/Crypt password
    4. Use of tokens to prevent CSRF


    Any more suggestions?

  • #2
    New Coder
    Join Date
    Jun 2009
    Posts
    18
    Thanks
    0
    Thanked 2 Times in 2 Posts

  • #3
    Regular Coder funnymoney's Avatar
    Join Date
    Aug 2007
    Posts
    364
    Thanks
    17
    Thanked 24 Times in 24 Posts
    Quote Originally Posted by johnnnn View Post
    2. Check each page and make sure it is valid (so if someone attemted to include a malicious page, it would return an error and not
    to include malicious page? how to do that...


  •  

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •