security in PHP code

Hi,
I need information about the security in PHP code, I mean in the code itself
not in the setting because I'll put my code at a host.
In other words, I need the developer part of the security not the host
part.
Can you please give me some hints, links,...
thanks.

Jul 17 '05 #1
On Tue, 3 Feb 2004 17:53:09 -0500, "toufik toufik"
<to*****@sympatico.ca> wrote:
> Hi,
> I need information about the security in PHP code, I mean in the code itself
> not in the setting because I'll put my code at a host.
> In other words, I need the developer part of the security not the host
> part.
> Can you please give me some hints, links,...
> thanks.


PHP security is an extremely broad topic, so it's difficult to answer
your question directly.

The biggest rule of thumb is NEVER trust information coming from a
client. Check and re-check all input, use pattern matching to strip
out characters that don't belong there, etc. Lack of input validation
is one of the biggest and most common developer mistakes out there.

Here are some more links:

Secure Programming in PHP
http://www.zend.com/zend/art/art-oertli.php
Writing Secure Scripts with PHP 4.2!
http://www.sitepoint.com/article/758
PHP Security, Part 1 and 2
http://www.onlamp.com/pub/a/php/2003...undations.html
http://www.onlamp.com/pub/a/php/2003...undations.html
Also, make yourself intimately familiar with the information on this
site. ;)

http://www.securityfocus.com/

This is where you can read up on past mistakes vendors have made
(Bugtraq/Vulnerabilities), and also several security-related articles
on a variety of topics like XSS, SQL injection, etc.
(Library/Infocus).

Hope that helps get you started anyway...

Jul 17 '05 #2
Or if what's coming from the client is a number, cast it into an integer.

"auntie social" <no@thanks.sucker> wrote in message
news:am********************************@4ax.com...
> On Tue, 3 Feb 2004 17:53:09 -0500, "toufik toufik"
> <to*****@sympatico.ca> wrote:
> The biggest rule of thumb is NEVER trust information coming from a
> client. Check and re-check all input, use pattern matching to strip
> out characters that don't belong there, etc. Lack of input validation
> is one of the biggest and most common developer mistakes out there.

Jul 17 '05 #3
Thanks a lot

"toufik toufik" <to*****@sympatico.ca> wrote in message
news:nD********************@news20.bellglobal.com. ..
> Hi,
> I need information about the security in PHP code, I mean in the code itself not in the setting because I'll put my code at a host.
> In other words, I need the developer part of the security not the host
> part.
> Can you please give me some hints, links,...
> thanks.

Jul 17 '05 #4