I've been learning a bit of PHP in my spare time and was trying to learn a bit about how to use regex when i came across this website http://www.phpfreaks.com/tutorial/php-security It contains useful security tips on how to make your webpage(s) secure against xss attacks, mysql injection, and remote file inclusion. And I think there was another but i really cant remember. I strongly urge anyone learning PHP(like myself) to take the time to read this article so you don't make a completely insecure website. PS: Robert'); DROP TABLE Students;-- That really made me laugh :x
Well, i agree with you. You learn what is conventional and how everyone else writes their scripts. But I personally think its better to fully understand why the scripts are wrote the way they are. Doing things by example is great, but knowing why you are doing it is greater. Knowledge is power .
Thanks it is that I need. I have learnt about php forms at php tutorial, and now I am interested in security
I know it's an old topic but actually that's the main reason I have visited this board today. To learn more about how to build secure webapplication. (-: Thanks a lot for sharing!
This is an old thread, today I am recommend everyone to use PDO. Anyhow, mysql_* is removed from PHP > 5.5