PHP Security

Jun 15, 2009 Author: GDchart-Master
Ben Parker once advised his young nephew Peter, whose superhero alter ego is Spider-Man, that with great power comes great responsibility. So it is with security in PHP applications. PHP provides a rich…

PHP Validate Input

Jan 19, 2009 Author: vvaswani
In addition to escaping characters, another great way to protect input is to validate it. With many applications, you actually already know what kind of data you are expecting on input. So the simplest…

Watch for Cross Site Scripting (XSS) Attacks in User Input

Jan 19, 2009 Author: City Hall
A web application usually accepts input from users and displays it in some way. This can, of course, be in a wide variety of forms including comments, threads or blog posts that are in the form of HTML…

Use Proper Error Reporting

Jan 19, 2009 Author: Developer
During the development process, application error reporting is your best friend. Error reports can help you find spelling mistakes in your variables, detect incorrect function usage and much more. However,…

SQL Protection of injecting in PHP applications II

Dec 12, 2008 Author: City Hall
How do you prevent SQL injection? The first rule is: never trust the correctness of user-entered data! It's easy to say, but a little more complicated to do. The easiest way to prevent SQL injections…