If you code in PHP, and/or use Databases, READ THIS NOW!

  • If you code in PHP, and/or use Databases, READ THIS NOW!

    I happened across this article while researching PHP Security. It has some of the most important information a programmer could ever need, and is a must read for anyone who is just beginning to program or is a seasoned veteran.

    http://www.addedbytes.com/security/writing-secure-php
    ---> Section 1 has 3 sub-sections
    http://www.addedbytes.com/security/writing-secure-php-2
    ---> Section 2 has 3 sub-sections
    http://www.addedbytes.com/security/writing-secure-php-3
    ---> Section 3 has 5 sub-sections
    Last edited by Pegasus; 06-03-2009, 02:24 PM. Reason: new domain

  • aidanmattoxx
    replied
    PHP security is very important from the programmer's point of view. Security is a very serious and precious issue when the transmission of data occurs from the source to the destination. The following link is useful in this regard.
    http://phpsec.org/
    PHP Security Consortium is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community. The various members of the PHPSC help PHP developers about security through a variety of resources. These include documentation, tools and standards.


  • unismartin
    replied
    Hi

    Interesting and very useful post. I am very new to PHP and you make me clear about the security in it.


  • 50stephtml
    replied
    Awesome post Chad. I read all of them and they really helped. I never even knew about this.


  • Pegasus
    replied
    Thanks for the update, Garrett. It's been changed.


  • GarrettW
    replied
    The links in the original post need to be updated: "ilovejackdaniels.com" is no longer the correct domain, since Jack Daniel's contacted the site's owner and made him move to a different domain. The current domain is "addedbytes.com".


  • Pegasus
    replied
    You've got my attention, Chad. It's an interesting read.

    Peg


  • Chad Roe
    replied
    I just re-read this, and had surprisingly forgotten a few things (and I write/edit PHP on a daily basis)...I also read the "claroline" article erisco has in his signature, another good read! I am glad this is a sticky, as all new PHP coders really need to give this a thorough read, as well as "old-hat" PHP coders, because they can easily and quickly forget very pertinent information they once knew! Anyway, just wanted to post again, and maybe get the attention of the ones who haven't read this lately, or even at all.


  • scoutt
    replied
    It was at one time and somebody unstickied it. I will do it again.


  • Guest
    replied
    Maybe you should sticky it, then.


  • scoutt
    replied
    Originally posted by erisco
    Old thread o_0
    So, good information and I am glad he brought it back to the top.


  • Guest
    replied
    Old thread o_0


  • themanwhowas
    replied
    I hate those god damn users. I'll ban them all.


  • Sedativechunk
    replied
    Excellent find. Here is another site I found that has some more things you should disable in your php.ini file for better security:

    http://www.claroline.net/wiki/index.php/Security

    It makes me sleep better at night knowing there is added security to my site. I combined things to disable from Jack Daniels and this site I found with some examples of how to disable the bad features of PHP entirely. I know my site's not huge, but you can't trust any of your users as JD's site says.


  • acslater323
    replied
    Excellent post, Chad. Thank you for that.
