Thread: php security

  1. #1
    SitePoint Member grrrid's Avatar

    Question php security

    I need some tips/links/articles/etc. to make my PHP scripts more secure.

    How do you protect your PHP scripts against attacks?

    It would be great if we could collect a big link collection for this topic.
    Maybe this thread gets sticky?

  2. #2
    La la la la la bronze trophy lieut_data's Avatar
    About the only thing I concern myself with is

    a) mysql_escape_string() every single user passed value into my SQL queries.

    b) make sure my CMS's aren't hacked because of a design flaw. (i.e., I try to hack them myself, or at least break them)

    Beyond PHP scripting, I would make sure my include files (that contain mysql usernames / passwords) are in a non-web accessible directory, so that if PHP breaks on my server, my system won't be publicly laid out for the world.
    My name is Steve, and I'm a super-villain.
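
Point (a) in the post above, as an added example that is not part of the original post: `mysql_escape_string()` and the rest of the `mysql_*` extension were removed in PHP 7, so this sketch swaps in PDO and compares raw concatenation, `PDO::quote()` and a bound parameter. The table, rows and inputs are constructed, and it assumes the `pdo_sqlite` extension so it runs offline against an in-memory database.

```php
<?php
// Added example: constructed schema and inputs; in-memory SQLite, no server needed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)');
$pdo->exec("INSERT INTO users (name, role) VALUES
            ('alice', 'admin'), ('bob', 'user'), ('O''Brien', 'user')");

// Unsafe "before" case: the user value becomes part of the SQL text itself.
function findUnsafe(PDO $pdo, string $name): array {
    $sql = "SELECT name FROM users WHERE name = '" . $name . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Escaped: PDO::quote() plays the role of escaping every value by hand.
// It only protects values placed where a string literal is expected.
function findQuoted(PDO $pdo, string $name): array {
    $sql = 'SELECT name FROM users WHERE name = ' . $pdo->quote($name);
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Bound parameter: the SQL text is fixed and the value travels separately,
// so a forgotten escape call cannot happen.
function findBound(PDO $pdo, string $name): array {
    $stmt = $pdo->prepare('SELECT name FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed inputs: a plain name, a legitimate name containing a quote,
// and a value whose quote would change the meaning of the WHERE clause.
$inputs = ["bob", "O'Brien", "x' OR '1'='1"];

foreach ($inputs as $input) {
    try {
        $unsafe = implode(',', findUnsafe($pdo, $input));
    } catch (PDOException $e) {
        $unsafe = 'SQL error'; // the stray quote broke the statement
    }
    printf("%-14s unsafe=[%s] quoted=[%s] bound=[%s]\n",
        $input,
        $unsafe,
        implode(',', findQuoted($pdo, $input)),
        implode(',', findBound($pdo, $input))
    );
}
```

Only the concatenated query misbehaves: it errors on the legitimate name with an apostrophe and matches every row for the third input, while the quoted and bound versions treat all three inputs as plain data.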

  3. #3
    lean mean coding machine cosmo's Avatar
    You might want to check out Php Advisory.
    Luthfur R. - Web Developer
    PHP Lite.com - Professional PHP Scripts and Web Applications
    Calendar Express 2 - Web Based Calendar and Event Publishing System

  4. #4
    Non-Member Icheb's Avatar
    You should also be concerned about XSS attacks. Although the site "PHP Advisory" is way outdated, you can find an article about it there.

  5. #5
    SitePoint Enthusiast
    You should read this.

