a few resources / June 19, 2005 10:29am@ trainedmonkey

here’s a few resources that someone may find helpful:

php’s htmlspecialchars() function, useful for encoding user input that may contain characters like <
php’s addslashes() function, useful for escaping user input for putting into an sql query (even better is to use a parameter-based query api)
a list of the top ten php security vulnerabilities

and don’t forget that in php, variables like $_SERVER['REQUEST_URI'] and $_SERVER['HTTP_REFERER'] are user input.

» june 19, 2005 10:29am » code, php, security » comment

« june 19, 2005 8:27am • june 19, 2005 12:15pm »