PHP Secure Code

simong1993

Hey All,

I'm building a huge system and it's time to start learning how to secure PHP. I've done the basics, like making sure it's not empty and making sure the database only accepts the length and characters of what I need and not unlimited, but how do you guys go about securing your code?
 
A lot of attacks rely on you 'echoing' the value on the page. For example, echo $user_submitted_value; can be disastrous if the variable contains a malicious script or other code inside of it. You can use echo htmlspecialchars($user_submitted_value); to prevent a lot of attacks. You should always make sure your values are valid. For example, with an email you can make sure it has an @ sign, a . (period) and extension, etc. However, technically name@domain is a valid email, but domains providing emails without a . (period) in them (ex: gmail.com) are extremely rare. For a US number, you can make sure the number is 10 digits. You can even use something like filter_var($user_submitted_number, FILTER_VALIDATE_INT) to make sure it is a valid integer. Check out filter_var() for some great validation / sanitize functions.
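
The checks described in the reply above, combined into one script as an added example (it is not code from the thread). The field names, the `e()` and `validate_signup()` helpers, the age range and the sample submission are assumptions made up for illustration.

```php
<?php
// Escape a value for an HTML text or quoted-attribute context.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Validate the raw form fields; returns [clean values, error messages].
function validate_signup(array $input): array
{
    $clean = $errors = [];

    // filter_var() returns false when validation fails.
    $email = filter_var(trim((string)($input['email'] ?? '')), FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        $errors['email'] = 'Enter a valid email address.';
    } else {
        $clean['email'] = $email;
    }

    // US number: strip formatting characters, then require exactly 10 digits.
    $phone = (string)preg_replace('/\D+/', '', (string)($input['phone'] ?? ''));
    if (preg_match('/^\d{10}$/', $phone) !== 1) {
        $errors['phone'] = 'Enter a 10-digit phone number.';
    } else {
        $clean['phone'] = $phone;
    }

    // Compare with === false: a valid integer 0 is falsy (hypothetical age field).
    $age = filter_var($input['age'] ?? '', FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 150]]);
    if ($age === false) {
        $errors['age'] = 'Age must be a whole number from 0 to 150.';
    } else {
        $clean['age'] = $age;
    }

    return [$clean, $errors];
}

// Constructed sample submission, standing in for $_POST.
$post = ['email' => 'name@domain', 'phone' => '(555) 010-4477', 'age' => '0',
         'name' => '<script>alert(1)</script>'];
[$clean, $errors] = validate_signup($post);

// Escape at output time, whether or not the value was validated earlier.
echo '<p>Hello, ' . e($post['name']) . "</p>\n";
foreach ($errors as $field => $message) {
    echo '<p class="error">' . e($field) . ': ' . e($message) . "</p>\n";
}
```

Validation decides whether a value is accepted; escaping is still applied when the value is printed, because a value can pass validation and still contain characters that are significant in HTML.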
 
