01-10-2012, 11:53 PM | #1
coding_begins
security practices

I had a general question about security in PHP.
Suppose I have a value submitted from a form called $form that would go to the database.
What functions would be good to clean it before it goes to the database?
Suppose I want to display the $form variable in the browser; what would I use to display it to prevent JavaScript or HTML injection, other than strip_tags?

On another note, what security practices should I follow when dealing with sessions and session variables?
01-11-2012, 12:25 AM | #2
coding_begins
A bit of information on cookies would also help.
01-11-2012, 12:27 AM | #3
BluePanther
The main thing you want to watch out for is SQL injection. mysql_real_escape_string() will prevent that. If you want to stop people being able to post HTML, you should use things like htmlentities() etc.
__________________
PLEASE remember to wrap your code in [PHP] tags.
PHP Code:
// Replace this
if(isset($_POST['submitButton']))
// With this
if(!empty($_POST))
// Then check for values/forms. Some IE versions don't send the submit button 
Quote:
Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live.
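An added example (not part of the thread and not any poster's code) covering the three things asked about: storing the submitted value, displaying it, and session cookies. It uses PDO prepared statements in place of mysql_real_escape_string(), because the mysql_* extension was removed in PHP 7, and htmlspecialchars() for output. The function names, the `comments` table, the in-memory SQLite database and the sample input are assumptions made for illustration; the two session functions are meant to be called inside a web request.

```php
<?php
// Added example, not code from the thread. Assumes PHP 7.3+ with pdo_sqlite.

// Sessions/cookies: harden the session cookie before session_start().
function start_secure_session(): void
{
    ini_set('session.use_strict_mode', '1');   // reject session IDs the server did not issue
    ini_set('session.use_only_cookies', '1');  // never accept the ID from the URL
    session_set_cookie_params([
        'lifetime' => 0,        // expires when the browser closes
        'path'     => '/',
        'secure'   => true,     // sent over HTTPS only
        'httponly' => true,     // not readable from JavaScript
        'samesite' => 'Lax',
    ]);
    session_start();
}

// Call after a successful login so a pre-login session ID cannot be reused (fixation).
function on_login(int $userId): void
{
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
}

// Database: bind the value as a parameter; it is never parsed as SQL.
function save_comment(PDO $pdo, string $body): void
{
    $stmt = $pdo->prepare('INSERT INTO comments (body) VALUES (:body)');
    $stmt->execute([':body' => $body]);
}

// Browser: escape when writing into HTML, not when storing.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed input standing in for the submitted $form value.
$form = "<script>alert(1)</script> O'Reilly";

$pdo = new PDO('sqlite::memory:');  // in-memory DB so the example runs offline
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT NOT NULL)');

save_comment($pdo, $form);
foreach ($pdo->query('SELECT body FROM comments') as $row) {
    echo '<p>', h($row['body']), "</p>\n";
}
```

The value is stored unmodified and escaped only at the point it is written into HTML, so the same row can later be emitted safely into other contexts (JSON, CSV, plain-text e-mail) with the escaping appropriate to each.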