localhost Posted September 18, 2006 Share Posted September 18, 2006 I want to know how to secure my scripts from as much as I possibly can...for $_GET$_POSTso far for POST I use htmlentities and mysql real escape string...and for $_GET i have nothing.thanks-dan Quote Link to comment Share on other sites More sharing options...
ToonMariner Posted September 18, 2006 Share Posted September 18, 2006 too big a question to answer!!!suffice to say that in any situation where you use the users input in a query or file/dir creation deletion make sure that what ever they have entered contains what you expect and NOTHING else.real_escape, preg_match, substr, preg_replace, strpos et. al. will be the tools of your trade from now on!!! ;) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.