No announcement yet.

Help Request: php security tightening up

  • Filter
  • Time
  • Show
Clear All
new posts

  • Help Request: php security tightening up

    I'm currently writing up 3 pages with php...and I'm new to php. I'd like to request help from someone on ways to tighten up any holes I have (and I know I have at least one.)

    Obviously I would share the code, but only through PM and I'd like to be on TS to answer questions as they arise or to ask questions so I could learn.

    Any willing to take me up on this and help, please PM me.

    (I'd rather not handle this in the forums for obvious reasons.)

  • #2
    Re: Help Request: php security tightening up

    Make sure global variables are disabled - This will ensure that users cannot "inject" variables into your script.

    Make sure you escape and sanitize user inputted data. If dealing with a database, or shell commands, etc this is essential.

    It's unlikely you will get any hack attempts on a custom script. Usually hackers go for the big companies, or big opensource projects (phpBB, phpAuction, osDate, osCommerce, etc.)

    If you want I'll take a look over them


    • #3
      Re: Help Request: php security tightening up

      Hardened PHP

      Here's a guy that discovers Google search terms for finding vulnerable sites:

      I found these while reviewing my old forum thread on web authoring and finding lots of interesting nuggets I'd forgotten:
      Dude, seriously, WHAT handkerchief?

      snooggums' density principal: "The more dense a population, the more dense a population."

      Iliana: "You're a great friend but if we're ever chased by zombies I'm tripping you."


      • #4
        Re: Help Request: php security tightening up

        Nice finds. Thank you.




        TeamSpeak 3 Server


        Twitter Feed