Mudsaf Posted June 6, 2012
Could some of you tell me the basic protection that a PHP & MySQL website needs? For example, new stuff to me was SQL injection.
Q: How to prevent a website from SQL injection?
Q: What other protection do websites require than SQL injection protection?
I know that the password should be crypted, but somehow I think it's not enough, or is it?
birbal Posted June 6, 2012
"How to prevent website from SQL injection?"
Use mysqli_real_escape_string() or other escaping functions, but most secure is a prepared statement.
"What other protection websites require than SQL injection protect?"
This is too vague. There are a lot of things to consider, and it depends on what your application is supposed to do. If you want to make much more secure scripts, it's better to stay updated on different attacks and maintain basic secure coding principles. http://owasp.org <= check this
Mudsaf Posted June 6, 2012
I'll check, thanks for the information!
sumbin Posted June 6, 2012
"use mysqli_real_escape_string() or other escaping functions. but most secure is prepared statement."
Yes!! We can use this PHP function, but the actual problem is when hackers use hexadecimal input!! How to prevent it??
birbal Posted June 6, 2012
Escaping works well on single-byte charsets; it has some issues with multi-byte. UTF-8 multi-byte uses hex values. A prepared statement has no such issue, thus using it is safe with that. And also, hex values are generally treated as strings. If it is in a character type column, then each two digits of hex represent a character. If it is an integer type, it just represents the integer value of the hex representation.
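Added example, not part of the thread: the difference between building SQL by concatenation and using a prepared statement, for the numeric and hex-looking inputs discussed above. It assumes PDO with an in-memory SQLite database so it runs without a MySQL server; the function names, table and inputs are constructed for illustration.

```php
<?php
// Added example (not from the thread). In-memory SQLite via PDO so it runs
// without a server; table, rows and inputs are constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");

// BEFORE: the value is concatenated into the SQL text. Escaping only protects
// quoted string literals, so it cannot help in this unquoted numeric slot.
function findUnsafe(PDO $db, string $id): array
{
    $sql = "SELECT name FROM users WHERE id = $id";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// AFTER: validate the type, then bind. The SQL text is fixed before the
// value is supplied, so the value cannot change the query structure.
function findSafe(PDO $db, string $id): array
{
    $int = filter_var($id, FILTER_VALIDATE_INT); // decimal only; hex is rejected
    if ($int === false) {
        return [];
    }
    $stmt = $db->prepare('SELECT name FROM users WHERE id = :id');
    $stmt->bindValue(':id', $int, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// String column: a bound value containing quotes is compared as plain data.
function findByName(PDO $db, string $name): array
{
    $stmt = $db->prepare('SELECT id FROM users WHERE name = ?');
    $stmt->execute([$name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

foreach (['2', '1 OR 1=1'] as $in) { // constructed test inputs
    printf("%-10s unsafe=%d row(s) safe=%d row(s)\n",
        $in, count(findUnsafe($db, $in)), count(findSafe($db, $in)));
}
printf("hex-looking id '0x32': safe=%d row(s)\n", count(findSafe($db, '0x32')));
printf("name with quotes: %d row(s)\n", count(findByName($db, "x' OR 'a'='a")));
```

With mysqli the same pattern is prepare(), bind_param() and execute() on the statement object.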
niche Posted June 6, 2012
You also might want to read this topic on security that's developing right now. It has already given me many ideas. A couple of them are completely new to me. http://w3schools.inv...=0
EDIT: The older I get, few experiences are more profound than learning about a completely new way of constructively thinking about something I thought I understood.
Edited June 6, 2012 by niche