I don't know much about php but I do know how insecure it is and it is driving me up the wall. Why is this language insecure and what can I do to make php scripts more secure?
tiger86 16 Posting Pro
R0bb0b 344 Posting Shark
Declare all of your variables and assign them a value innitially.
use constants if used on included files and such.
validate all user input, leave no open doors.
For one example, I often times use arrays for known input content and say if(in_array(blah blah)){//do somthing}else{ exit(); }, I've got dozens of them.
exit() shuts down the entire script and it stops processing at that point. Just things like that, think like a hacker and how you would try to header/sql inject.
But these concepts are for all web languages though.
nav33n commented: Exactly ! +7
pritaeas 2,194 ¯\_(ツ)_/¯ Moderator Featured Poster
type:
php defensive programming
in Google and look for the two links from php-classes.org. They'll show you some things about how to address these problems.
peter_budo commented: Interesting suggestion +8
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.