Jump to content


Photo

Secure Processing - User Input Validation


  • Please log in to reply
No replies to this topic

#1 tacnev

tacnev
  • New Members
  • Pip
  • Newbie
  • 2 posts

Posted 21 March 2006 - 06:11 PM

Hi all,

I've found this site during searching google for my security questions.
One of the biggest problem in web programming is securiy. There are lots of "to-do's" but sometimes we can miss the simple points.

I am working on a link manager project which will be usable by public.

I decided to implement "limit the allowed characters" method for protection. For example;

I am using
$string = eregi_replace('[^a-zA-Z0-9]','',$string);
return $string;
for parsing and cleaning user inputs.

But the problem is parsing and inserting the user provided url's to db ...
How should i handle user urls ?

I am redirecting users with this frame setup;
<frame name="main" src="<?=$url;?>" scrolling="auto">

Any idea ?
Thanks




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users