PHP form security ? SQL injection etc

Author Topic: PHP form security ? SQL injection etc  (Read 2690 times)

Offline cookiemonster (Topic starter)

« on: 05-08-2010, 06:11:37 »
Hi guys,

I'm really concerned about my HTML forms and how I can make them bulletproof in terms of security. What are the main things I need to do on the PHP side to make sure my forms and the data being passed to the backend are secure and not vulnerable to SQL injection and other XSS attacks?

Thanks


Offline Alex

« Reply #1 on: 05-14-2010, 09:16:26 »
Always use the htmlspecialchars function. It will prevent almost all injections.

Offline ryosuzuki

« Reply #2 on: 06-05-2010, 09:34:39 »
There's plenty of special escape char functions available to shield yourself from dodgy inputs. Use them, test their working and don't give people a chance.
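
Added example, not part of the original thread: one way to handle a form submission in PHP, with PDO bound parameters covering the SQL side and htmlspecialchars covering the HTML output side. The table, field names, helper functions and input are constructed for illustration, and the code assumes PHP 7.4+ with the pdo_sqlite extension.

```php
<?php
declare(strict_types=1);

// Constructed in-memory database standing in for the real backend.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, author TEXT, body TEXT)');

// Constructed form input, as it would arrive in $_POST.
$post = [
    'author' => "x', 'y'); DROP TABLE comments; --",
    'body'   => '<script>alert(1)</script>',
];

// 1. Validate: reject what the field can never legitimately contain.
function validate_comment(array $in): array
{
    $author = trim((string)($in['author'] ?? ''));
    $body   = trim((string)($in['body'] ?? ''));
    if ($author === '' || strlen($author) > 64) {
        throw new InvalidArgumentException('author must be 1-64 bytes');
    }
    if ($body === '' || strlen($body) > 2000) {
        throw new InvalidArgumentException('body must be 1-2000 bytes');
    }
    return [$author, $body];
}

// 2. Store: bound parameters keep the input out of the SQL text entirely.
function save_comment(PDO $pdo, string $author, string $body): void
{
    $stmt = $pdo->prepare('INSERT INTO comments (author, body) VALUES (:author, :body)');
    $stmt->execute([':author' => $author, ':body' => $body]);
}

// 3. Display: escape for the HTML context at output time, not before storage.
function render_comment(array $row): string
{
    $e = fn(string $s): string => htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<p><b>' . $e($row['author']) . '</b>: ' . $e($row['body']) . '</p>';
}

[$author, $body] = validate_comment($post);
save_comment($pdo, $author, $body);

foreach ($pdo->query('SELECT author, body FROM comments', PDO::FETCH_ASSOC) as $row) {
    echo render_comment($row), PHP_EOL;
}
```

The stored row holds the input byte for byte; the quote characters never reach the SQL parser as syntax, and the markup is neutralised only when the row is written into HTML.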

 
