A Very Broad Question

[e1seix]

Hello all,

 

I have just completed coding for my website in PHP (mostly with the help of wonderful in the PHP Help section). As the site is now ready to launch I'm a bit "nervous" that I may not have prepared the site suffciently.

 

I have read that people can bring down your entire site by entering info into "input forms" that you may have on your website and I was wondering if there is any real advice you can give me to ensure that I prevent sabotage from mean people and what other "must-have" or "best practice" coding would you recommend before I unleash myself on the internet. lol

 

It's a professional affiliate site and I don't want to be ridiculed before I've even begun.

 

Any comments and explanations much obliged.

 

Regards,

[Jessica]

google and read about sql injection and email header injection

[Sorthy359]

yeah.basically only let people enter text and numbers in the fields..and things like semicollon,forward slash,etc. i would look up guides on sql injection and php security. if your iffy on how secure it is,chances are its not secure.once u read up on it and fix some things, i would still keep a back up of all the files and get a backup of ur db(assuming ur using one) once every while.

[52study]

sql injection is much fearfulness！

 

[TomKrush]

PHP makes it really easy to avoid this problem. 

 

mysql_real_escape_string($inputValue);