1. Unvalidated Parameters
Most importantly, turn off register_globals. This configuration setting defaults to off in PHP 4.2.0 and later. Access values from URLs, forms, and cookies through the superglobal arrays $_GET, $_POST, and $_COOKIE.
Before you use values from the superglobal arrays, validate them to make sure they don’t contain unexpected input. If you know what type [...]
Archive for August, 2008
Top Ten Security Vulnerabilities in PHP Code !
Posted in Open source, Web, php - mysql, php news on August 6, 2008 | Leave a Comment »
Categories
-
Recent Posts
News- PHP JOBS
- Brandon Savage's Blog: Exceptional PHP: Nesting Exceptions In PHP
- Jani Hartikainen's Blog: A simple way to make your code better: Stop adding more parameters
- Derick Rethans' Blog: Unix Epoch and PHP's calendar system
- Andries Seutens' Blog: Setting up phpUnderControl on Gentoo Linux
- Paul Jones' Blog: The Future of Zend Framework is Solar
- Symfony Blog: Using Propel 1.4 detailed logging
- Site News: Blast from the Past - One Year Ago in PHP
- Dylan Tack's Blog: Deployment with Capistrano (Drupal)
- NETTUTS.com: 7AMP - Creating a Development Environment
- Brandon Savage's Blog: Exceptional PHP: Extending The Base Exception Class
-
Photos
More Photos My tweets
- became proud father of a baby boy on 28th october 1 day ago
- i am back from long vacation :-) 1 day ago
- again severe headache ....taking rest at home today... 3 weeks ago
- it was really a busy week for me at office,,, had a wonderful Diwali lunch party, sweets and gifts.... 3 weeks ago
- http://bit.ly/2jCMIf via @addthis -- useful information posted.. 1 month ago
My Tweets
