FUDforum: comp.lang.php » Secure website

Home » Imported messages » comp.lang.php » Secure website

Show: Today's Messages :: Polls :: Message Navigator

Re: Secure website [message #183554 is a reply to message #183544]

Wed, 30 October 2013 23:18

Graham Hobbs
Messages: 42
Registered: September 2010

Karma:

Member

On Wed, 30 Oct 2013 18:03:24 +0100, "J.O. Aho" <user(at)example(dot)net>
wrote:

> On 30/10/13 15:47, Graham Hobbs wrote:
>
>
>> Thanks for that info. It seems I need to learn the comcepts behind
>> post/get/database etc .. is this how one codes for a dialogue with my
>> site? Besides the PHP manual, might there be such things as 'template'
>> examples?
>
> The exmples at php.net are just basic ones to show how the function
> works, I suggest you read comments and look for those who talk about
> security and injection prevention and avoid examples made by Indian
> developers, those generally are prone for header/sql injections and has
> poor security awarness.
>
> Remember to always check user generated data (say name, email and other
> things they might enter in a form, or is used in an URL), have white
> lists which contains which type of data you allow, for example you may
> only allow names written with latin characters, then regexp so it only
> contains lating characters and if there is something else, just throw
> out an "invalid data" error or ask the user to enter proper data and do
> not process anything futher untill you have OK data.
--
all noted, thanks muchly!

Report message to a moderator

[Message index]

		Secure website By: Graham Hobbs on Wed, 30 October 2013 03:02
		Re: Secure website By: Denis McMahon on Wed, 30 October 2013 03:26
		Re: Secure website By: J.O. Aho on Wed, 30 October 2013 05:52
		Re: Secure website By: Graham Hobbs on Wed, 30 October 2013 14:47
		Re: Secure website By: J.O. Aho on Wed, 30 October 2013 17:03
		Re: Secure website By: Graham Hobbs on Wed, 30 October 2013 23:18
		Re: Secure website By: Jerry Stuckle on Wed, 30 October 2013 18:56
		Re: Secure website By: Graham Hobbs on Wed, 30 October 2013 23:15
		Re: Secure website By: Jerry Stuckle on Thu, 31 October 2013 03:03
		Re: Secure website By: Graham Hobbs on Thu, 31 October 2013 14:27
		Re: Secure website By: Jerry Stuckle on Thu, 31 October 2013 15:24
		Re: Secure website By: Graham Hobbs on Thu, 31 October 2013 16:47
		Re: Secure website By: Jerry Stuckle on Fri, 01 November 2013 00:36
		Re: Secure website By: David Quinton on Thu, 31 October 2013 10:24
		Re: Secure website By: Graham Hobbs on Thu, 31 October 2013 14:28

Previous Topic:	reading files with accents in the filename from PHP
Next Topic:	No action desired until one button is clicked

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Tue Nov 26 21:06:29 GMT 2024

Total time taken to generate the page: 0.04425 seconds