matskn Posted February 27, 2008 Share Posted February 27, 2008 Hi guys! my first post here.. Im working on a php/mysql script securing an apache server. I have SSL certificate auth, but will also implement a login site for users. What i need is to avoid all sqlinjections etc.. Generally to avoid all security breaches through my sessions and inputforms. I would also like to check wheter the input fields contain other chars than numbers and letters.. Best regards Link to comment https://forums.phpfreaks.com/topic/93305-security-on-loginscripts/ Share on other sites More sharing options...
trq Posted February 27, 2008 Share Posted February 27, 2008 What mysql interface are you using? If PDO, use prepared statements, these are pretty well safe of sql injection. Otherwise, mysql_real_escape_string should do a good job. Link to comment https://forums.phpfreaks.com/topic/93305-security-on-loginscripts/#findComment-477920 Share on other sites More sharing options...
matskn Posted February 27, 2008 Author Share Posted February 27, 2008 dont have PDO im afraid :-\ got any good answer to check if a string only contains numbers and letters? Link to comment https://forums.phpfreaks.com/topic/93305-security-on-loginscripts/#findComment-477938 Share on other sites More sharing options...
trq Posted February 27, 2008 Share Posted February 27, 2008 got any good answer to check if a string only contains numbers and letters? preg_match(). Link to comment https://forums.phpfreaks.com/topic/93305-security-on-loginscripts/#findComment-477944 Share on other sites More sharing options...
matskn Posted February 27, 2008 Author Share Posted February 27, 2008 thanks :-) will try that out Link to comment https://forums.phpfreaks.com/topic/93305-security-on-loginscripts/#findComment-477953 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.