PHP security question?

I just wanted to know what basic PHP security methods I should use when creating a web page that accepts articles.

I am new to PHP and wondering what will keep the fort until I am a security specialist?

+5
8 answers

When adopting custom text that will be displayed later, you need to consider two fronts.

First, you need to protect your database from injection attacks. There is a simple PHP function for this: mysql_real_escape_string() is usually sufficient to protect your database from injection when passing this string to the repository as a value field.

, , HTML-, , . , htmlspecialchars() . ( , , .) , Markdown, , HTML , .

, , GET/POST, . , , .

+5
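
The two fronts this answer describes (storing submitted text, then displaying it), as an added example that is not part of the original answer. It uses PDO prepared statements in place of the mysql_real_escape_string() call the answer names, and it assumes the pdo_sqlite extension so that the constructed table and submission run stand-alone in an in-memory database; the function names are hypothetical.

```php
<?php
declare(strict_types=1);
// Added example: constructed data, in-memory SQLite via PDO (assumes pdo_sqlite is enabled).

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT NOT NULL, body TEXT NOT NULL)');

// Front 1: storage. Values travel as bound parameters, never as part of the SQL text.
function save_article(PDO $pdo, string $title, string $body): int
{
    $stmt = $pdo->prepare('INSERT INTO articles (title, body) VALUES (:title, :body)');
    $stmt->execute([':title' => $title, ':body' => $body]);
    return (int) $pdo->lastInsertId();
}

// Front 2: display. Escape at output time, for the HTML context the value lands in.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_article(PDO $pdo, int $id): string
{
    $stmt = $pdo->prepare('SELECT title, body FROM articles WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return '<p>Article not found.</p>';
    }
    return '<article><h1>' . e($row['title']) . '</h1><p>' . nl2br(e($row['body'])) . '</p></article>';
}

// Constructed submission: the title carries SQL metacharacters, the body carries HTML markup.
$id = save_article(
    $pdo,
    "O'Reilly'); DROP TABLE articles; --",
    "First line\n<script>alert(1)</script>"
);

// The markup comes back as inert text (&lt;script&gt;...), not as live HTML.
echo render_article($pdo, $id), "\n";
// The table still exists and holds the row exactly as it was submitted.
echo 'rows: ', $pdo->query('SELECT COUNT(*) FROM articles')->fetchColumn(), "\n";
```

The stored row is unmodified; escaping happens only when the value is written into HTML, so the same data can later be rendered into a different context with that context's own encoding.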

, , .

? ? ? SQL-? HTML? ?

+1
+1

, , , .

-, (, , WYSIWYG HTML), -, , XSS ..

HTML.

0

, , Drupal CakePHP. , , , , . , ..

0

, -.

  • , , , , , .
  • , , mysql , :

    if (!empty($_GET["integer_like_id_value"])) {
        // Force the value to an integer before it is used anywhere else
        $integer_id_value = (int)$_GET["integer_like_id_value"];
    } else {
        // that stuff seems not to be legit, die application, log error ? whatever
        die();
    }
    
0

When your project is ready for public use, it is usually recommended to set error_reporting(0);

This will not provide more security, but it makes it difficult (usually) for bad guys to find possible security problems on your site.

-1
