10-18-2007, 03:23 PM   #21
sketchMedia

Good article, made for interesting reading.

A generic rule to apply (the very basic attack prevention) is "filter input, escape output". Just be paranoid about everything that is inputted into your system; start now if you don't, so you don't have to learn the hard way :(

There is also another quite common session security issue with PHP, if your site is on a shared host, i.e. it's not on its own dedicated server.

A good article explaining what it is and how to prevent it: http://phpsec.org/projects/guide/5.html

There are some other interesting security articles on that site too.

peace out