jonsamwell Posted January 8, 2009 Share Posted January 8, 2009 Hi everyone, I'm fairly new to programming php but have alot of experience in java and other OO languages. I am creating a login script and want it to be fairly secure. I wondered what things i could do or should be aware of regarding security issues with php scripting? Any advice appreciated Regards Jon Quote Link to comment https://forums.phpfreaks.com/topic/140007-common-security-mistakes/ Share on other sites More sharing options...
dennismonsewicz Posted January 8, 2009 Share Posted January 8, 2009 Here is are two articles on PHP security mistakes http://www.devshed.com/c/a/PHP/PHP-Security-Mistakes/ http://www.sitepoint.com/article/php-security-blunders/ Quote Link to comment https://forums.phpfreaks.com/topic/140007-common-security-mistakes/#findComment-732497 Share on other sites More sharing options...
premiso Posted January 8, 2009 Share Posted January 8, 2009 mysql_real_escape_string Any data that is coming from the form and being tested on the DB. But make sure that get_magic_quote_gpc is off before doing that or it will double escape the data, if it is not off then stripslashes on the data before using the real_escape_string. Also make sure that register_globals is off, this can cause problems. Other than that you should be good. Quote Link to comment https://forums.phpfreaks.com/topic/140007-common-security-mistakes/#findComment-732499 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.