View Full Version : Basic PHP-security must knows?
MrApples
11-06-2007, 10:08 PM
Anyone have a link to, or have in mind a list of the basic PHP must knows when it comes to security? I'm not even sure what 'injections' are but I know they have something to do with forms.
Guest190829
11-07-2007, 01:20 AM
Adrian has written a really nice article here:
https://vborg.vbsupport.ru/showthread.php?t=154411&highlight=Security
This keeps vBulletin specifics in mind.
You can always check the PHP manual as well:
http://www.php.net/manual/en/security.php
Andrew Green
11-07-2007, 01:54 AM
Anyone have a link to, or have in mind a list of the basic PHP must knows when it comes to security? I'm not even sure what 'injections' are but I know they have something to do with forms.
Injections are not "really" php, but SQL.
A rather simple way of understanding what a SQL injection is: http://xkcd.com/327/ :D
Basically it comes down to never trusting the user, meaning having a very strong filter in between anything they can input and what gets sent to the database.
Marco van Herwaarden
11-07-2007, 03:49 AM
Hehe, that comic is spot on.
MrApples
11-08-2007, 02:05 AM
Thanks. That clears up the whole how they can break in thing big time.
Adrian Schneider
11-08-2007, 05:59 AM
love the comic :D
vBulletin® v3.8.12 by vBS, Copyright ©2000-2024, vBulletin Solutions Inc.