e1seix Posted September 12, 2007 Share Posted September 12, 2007 Hello all, I have just completed coding for my website in PHP (mostly with the help of wonderful in the PHP Help section). As the site is now ready to launch I'm a bit "nervous" that I may not have prepared the site suffciently. I have read that people can bring down your entire site by entering info into "input forms" that you may have on your website and I was wondering if there is any real advice you can give me to ensure that I prevent sabotage from mean people and what other "must-have" or "best practice" coding would you recommend before I unleash myself on the internet. lol It's a professional affiliate site and I don't want to be ridiculed before I've even begun. Any comments and explanations much obliged. Regards, Quote Link to comment https://forums.phpfreaks.com/topic/69115-a-very-broad-question/ Share on other sites More sharing options...
Jessica Posted September 13, 2007 Share Posted September 13, 2007 google and read about sql injection and email header injection Quote Link to comment https://forums.phpfreaks.com/topic/69115-a-very-broad-question/#findComment-347556 Share on other sites More sharing options...
Sorthy359 Posted September 13, 2007 Share Posted September 13, 2007 yeah.basically only let people enter text and numbers in the fields..and things like semicollon,forward slash,etc. i would look up guides on sql injection and php security. if your iffy on how secure it is,chances are its not secure.once u read up on it and fix some things, i would still keep a back up of all the files and get a backup of ur db(assuming ur using one) once every while. Quote Link to comment https://forums.phpfreaks.com/topic/69115-a-very-broad-question/#findComment-347678 Share on other sites More sharing options...
52study Posted September 28, 2007 Share Posted September 28, 2007 sql injection is much fearfulness! Quote Link to comment https://forums.phpfreaks.com/topic/69115-a-very-broad-question/#findComment-357020 Share on other sites More sharing options...
TomKrush Posted October 9, 2007 Share Posted October 9, 2007 PHP makes it really easy to avoid this problem. mysql_real_escape_string($inputValue); Quote Link to comment https://forums.phpfreaks.com/topic/69115-a-very-broad-question/#findComment-365723 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.