I don't know much about php but I do know how insecure it is and it is driving me up the wall. Why is this language insecure and what can I do to make php scripts more secure?
tiger86
16
Posting Pro
Recommended Answers
Jump to PostDeclare all of your variables and assign them a value innitially.
use constants if used on included files and such.
validate all user input, leave no open doors.
For one example, I often times use arrays for known input content and say if(in_array(blah blah)){//do somthing}else{ exit(); }, I've got dozens …
All 2 Replies
R0bb0b
344
Posting Shark
Declare all of your variables and assign them a value innitially.
use constants if used on included files and such.
validate all user input, leave no open doors.
For one example, I often times use arrays for known input content and say if(in_array(blah blah)){//do somthing}else{ exit(); }, I've got dozens of them.
exit() shuts down the entire script and it stops processing at that point. Just things like that, think like a hacker and how you would try to header/sql inject.
But these concepts are for all web languages though.
nav33n
commented:
Exactly !
+7
pritaeas
2,194
¯\_(ツ)_/¯
Moderator
Featured Poster
type:
php defensive programming
in Google and look for the two links from php-classes.org. They'll show you some things about how to address these problems.
peter_budo
commented:
Interesting suggestion
+8
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.