Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4

Thread: Securing PHP

  1. #1
    Regular Coder
    Join Date
    Mar 2005
    Posts
    240
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Securing PHP

    Hi there
    How does one realize if a php script is secure or not? Most of the scripts i've written have been by taken bits and pieces from here and there and then adjusting them according to the project specs...

    But how do I know if it's secure against someone hacking into the database and seeing info they are not supposed to see?

    Are there general security bits out there? What sort of things are the most vulnerable and how can one prevent that?

    Thanks

  • #2
    New Coder
    Join Date
    Apr 2006
    Location
    UK
    Posts
    50
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Try having a look in here ->http://www.php.net/manual/en/security.php


    Generally, all the vulnerability comes from accepting input from users - either in the URL or in a form, and then not checking it hasn't got SQL or <SCRIPT> tags in it...

  • #3
    fci
    fci is offline
    Senior Coder
    Join Date
    Aug 2004
    Location
    Twin Cities
    Posts
    1,345
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I'd say the major ones related to not sanitizing input are SQL injection, HTTP splitting and XSS.. I was going to make a thread about security(maybe someone else can.. i've been busy) to show the common vulnerabilities and how to fix them..

  • #4
    New Coder
    Join Date
    Nov 2005
    Posts
    40
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Being somewhat of a newbie to PHP, I'd LOVE to see a thread dedicated to PHP security.

    *Nick*


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •