Current location: Hot Scripts Forums » Programming Languages » PHP » PHP scripts security


PHP scripts security

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 10-23-03, 03:45 AM
khibinite khibinite is offline
Newbie Coder
  
Join Date: Jun 2003
Location: Russia, Murmansk region, Kirovsk city
Posts: 22
Thanks: 0
Thanked 0 Times in 0 Posts
PHP scripts security
Hello there!

I'd like to ask advanced PHP programmers about potential security problems which are possible by development of serious PHP applications.

I heard a lot about security troubles in know PHP apps (like PHPNuke). Which aspects should I control more strong to leave such problems?

Sorry my poor English, I hope you got my base reflection.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiShare on FacebookShare on Stumble UponShare on Twitter
Reply With Quote
  #2 (permalink)  
Old 10-23-03, 04:15 AM
Stefan's Avatar
Stefan Stefan is offline
Junior Code Guru
  
Join Date: Jun 2003
Location: Utrecht, The Netherlands
Posts: 599
Thanks: 0
Thanked 0 Times in 0 Posts
there are a lot of articles on this topic. you should do a google on "php security" or something like that.

very important things to notice are filetype checking when you have a file upload, cross site scripting issues (functions like htmlspecialchars and htmlentities are useful here) and interaction with the database (addslashes (for things going into the database) and stripslashes (for things coming out of the database) are useful here).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiShare on FacebookShare on Stumble UponShare on Twitter
Reply With Quote
  #3 (permalink)  
Old 10-23-03, 07:13 AM
khibinite khibinite is offline
Newbie Coder
  
Join Date: Jun 2003
Location: Russia, Murmansk region, Kirovsk city
Posts: 22
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by Stefan
there are a lot of articles on this topic. you should do a google on "php security" or something like that.

very important things to notice are filetype checking when you have a file upload, cross site scripting issues (functions like htmlspecialchars and htmlentities are useful here) and interaction with the database (addslashes (for things going into the database) and stripslashes (for things coming out of the database) are useful here).

Thank you, I found the subject article by John Coggeshall.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiShare on FacebookShare on Stumble UponShare on Twitter
Reply With Quote
Reply

Bookmarks

« date question | XMB Portal »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PHP and MySQL ? rob2132 Hot Scripts Forum Questions, Suggestions and Feedback 4 08-29-08 03:22 AM
Custom PHP Scripts BdSBB Job Offers & Assistance 3 12-07-03 10:49 AM
Need PHP Solution - Having Trouble Finding One teamofdreamers PHP 1 10-20-03 04:58 AM
What PHP Scripts Should I Be Using? HELP HELP!! pelican PHP 2 08-20-03 03:06 AM
Running schedule PHP scripts? kdlklm PHP 3 07-30-03 02:33 AM


All times are GMT -5. The time now is 08:53 AM.
vBulletin® Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.