zgkhoo Posted October 7, 2007 Share Posted October 7, 2007 hi, currently i designing one website using php, may i know wat security issue need to be concern when design it? eg to prevent hacker hijack the browser or hack the website. or have any url talk abt this? thanks.... Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted October 7, 2007 Share Posted October 7, 2007 LOL use sessions instead of cookies, make sure you escape your SQL with mysql_real_escape_string and strip_tags. Quote Link to comment Share on other sites More sharing options...
zgkhoo Posted October 7, 2007 Author Share Posted October 7, 2007 mysql_real_escape_string and strip_tags. <---wats that? " <---this? just concern wat u meantion? nothing else? Quote Link to comment Share on other sites More sharing options...
d.shankar Posted October 7, 2007 Share Posted October 7, 2007 mysql_real_escape_string wards off SQL Injection attacks strip_tags wards off XSS Attacks Hope that makes a little sense Quote Link to comment Share on other sites More sharing options...
ludjer Posted October 7, 2007 Share Posted October 7, 2007 this is a function i run before i put anything into a sql query <?php function sql_safe($value) { if (get_magic_quotes_gpc()) { $value = stripslashes($value); } if (!is_numeric($value) || $value[0] == '0') { $value = mysql_real_escape_string($value); } return $value; } ?> i also run this function to what ever the user puts in: $comment = htmlspecialchars($comment); htmlspecialchars() takes away all the html characters read more about it here http://za.php.net/manual/en/function.htmlspecialchars.php also have a look here http://www.talkphp.com/showthread.php?p=1804#post1804 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.