Results 1 to 10 of 18

[PHP] Secure your data

Thread Tools
- Show Printable Version
Display
- Switch to Linear Mode
- Hybrid Mode
- Switch to Threaded Mode

Hybrid View

21st Jun 2010, 08:47 PM

#1
litewarez

View Profile

View Forum Posts

Private Message

Visit Homepage
Member
Website's:
```
litewarez.net
litewarez.com
triniwarez.com
```
Join Date : Nov 2008

Location : UK

Posts : 1,350

Thanks: 0
Thanked 0 Times in 0 Posts

Rep Power : 18

Reputation : (10)
Mr Happy, i dont really think using integers is a great advantage apart from sanitization i.e typecasting your can lose yourself in your code if your getting into the 100+ actions, this i would keep with reply,edit,delete what i tend to do is to develop a MVC Framework and create a sort of REST system so:

Instead of topic.php?mode=reply&id=22 i would do

/topic/reply/22/

this way you only have to sanitize the topic/reply values so that they only allowed to be called IF the function exists within the topic class, this gives better security then within the reply method i just intergize the 3rd param.

This gives alot more structure and security to your code.

litewarez Reviewed by litewarez on 21st Jun 2010. [PHP] Secure your data One of the biggest concerns of all developers or any webmaster running a custom script (no support for it) is security, and since hackers are making sure to reach every hole, we need to make sure it's closed before they reach it. If you run your inputs through a database or just temporarily displaying it on your website, or even executing shell commands, you need to make sure that your entries are escaped, or clean in other words. Some of the most common functions to clean or escape in Rating: 5

Join Litewarez.net today and become apart of the community.
Unique | Clean | Advanced (All with you in mind)
Downloads | Webmasters

Notifications,Forum,Chat,Community all at Litewarez Webmasters
Register To Reply Ping