I just don't get it. If you protect the above two, other than server hacking, or if you have file uploads,
what other ways are there for a user to hack your site. Even if the user knows the directory structure of the site?
I built my site, and I'm about to upload it, My hosting company is one of the best, and I don't have file any uploads in the site, So, what more would you watch out for, if you were in my solution?
btw, I am using mysql so, by inputs I mean all (GET & POST ) are protected with regex, htmlentities, mysql_real_escape_string()
functions.
thanks in advance