Possible Duplicate:
Where can I find a web-project “security checklist?”
I was just wondering, when creating a PHP/MySQL app, what are the main security issues a developer has got to consider? I know this could be a major broad topic, but I just wanted an overview of where to look, and while I'm writing and developing the app, what I need to be aware of. Thanks!! :))
VERY broad topic indeed. Just to name the basics, which ideally everyone should be aware of:
Don't trust any user input. By this I mean sanitize all user input to prevent SQL injection.
Escape all data being outputted on the page appropriately to prevent XSS vulnerabilities and cookie data.
Do not include files based on user input
Log all your errors appropriately. Ideally, in an error log.
Store passwords via a one-way hash which incorporates a secure salt.
And read through Seven habits for writing secure PHP applications.
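As an added example (not code from the original answer), here are the five points above applied in one small PHP/MySQL request handler using PDO; the DSN, credentials, table and column names, page list and log path are assumptions for illustration.

```php
<?php
// Added example, not from the original answer: a tiny PHP/MySQL handler that
// applies the five points above. DSN, credentials, table and column names
// and file paths are assumptions for illustration.
declare(strict_types=1);
// Log errors to a file instead of showing them on the page.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
ini_set('error_log', __DIR__ . '/app-errors.log');
$pdo = new PDO('mysql:host=localhost;dbname=app;charset=utf8mb4', 'app', 'secret', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepared statements
]);

// Don't trust user input: bind it as a parameter, never splice it into the SQL string.
function findUser(PDO $pdo, string $username): ?array
{
    $stmt = $pdo->prepare('SELECT id, username, password_hash FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Escape on output so stored data cannot turn into markup or script in the page.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Don't include files from user input: map the request value to a fixed allowlist.
function pageFile(string $requested): string
{
    $pages = ['home' => 'home.php', 'about' => 'about.php'];
    return __DIR__ . '/pages/' . ($pages[$requested] ?? 'home.php');
}

// Store passwords as a salted one-way hash; password_hash() generates the salt itself.
function storePassword(PDO $pdo, int $userId, string $plain): void
{
    $stmt = $pdo->prepare('UPDATE users SET password_hash = ? WHERE id = ?');
    $stmt->execute([password_hash($plain, PASSWORD_DEFAULT), $userId]);
}

try {
    $user = findUser($pdo, (string) ($_GET['u'] ?? ''));
    echo $user ? 'Hello, ' . e($user['username']) : 'No such user';
    require pageFile((string) ($_GET['page'] ?? 'home'));
} catch (Throwable $ex) {
    error_log($ex->getMessage()); // detail goes to the log, not the browser
    http_response_code(500);
    echo 'Something went wrong.';
}
```

At login, compare the submitted password against the stored hash with password_verify() rather than re-hashing and comparing strings yourself.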