Hi,
I use a lot of forms that "POST" data. What security measures should I consider to ensure that the data posted is secure (inaccessible to unauthorised people)?
$_POST Vulnerabilities
- aceconcepts
- DevNet Resident
- Posts: 1424
- Joined: Mon Feb 06, 2006 11:26 am
- Location: London
Take a look at http://en.wikipedia.org/wiki/Https
- mikeeeeeeey
- Forum Contributor
- Posts: 130
- Joined: Mon Jul 03, 2006 4:17 am
- Location: Huddersfield, UK
You can't really stop people accessing that information, since anything inside a form can be manipulated by tools outside of it.
If you're posting this data to a database, however, you'll need to cleanse and sanitise your POST variables in order to keep your SQL input secure and uncompromised.
Look up mysql_real_escape_string(), addslashes() and get_magic_quotes().
Also, things such as numbers can be parsed as integers by using (int).
Hope this helps.
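An added example, not part of the original posts: one way to handle POST fields before they reach SQL, shown with PDO bound parameters in place of the mysql_* escaping functions named in the reply above (that extension was removed in PHP 7.0). The `users` table, the field names, the `save_user()` helper and the sample input are assumptions, and the `pdo_sqlite` extension is assumed to be available.

```php
<?php
// Constructed stand-in for a submitted form; in a real handler this is $_POST.
$post = [
    'name' => "O'Brien'; --",
    'age'  => '42abc',
];

// In-memory SQLite database so the example runs offline (assumed schema).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL, age INTEGER NOT NULL)');

// Hypothetical helper: validate the fields, then insert with bound parameters.
function save_user(PDO $db, array $post): int
{
    // Validate shape first: present, a string, bounded length.
    $name = $post['name'] ?? null;
    if (!is_string($name) || $name === '' || strlen($name) > 100) {
        throw new InvalidArgumentException('name is missing or too long');
    }
    // (int) would silently turn '42abc' into 42; filter_var rejects it instead.
    $age = filter_var($post['age'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 150]]);
    if ($age === false) {
        throw new InvalidArgumentException('age must be a whole number from 0 to 150');
    }
    // Bound parameters: the values travel separately from the SQL text.
    $stmt = $db->prepare('INSERT INTO users (name, age) VALUES (:name, :age)');
    $stmt->bindValue(':name', $name, PDO::PARAM_STR);
    $stmt->bindValue(':age', $age, PDO::PARAM_INT);
    $stmt->execute();
    return (int) $db->lastInsertId();
}

// First input has a malformed age and is rejected; the second is accepted.
foreach ([$post, ['name' => $post['name'], 'age' => '42']] as $input) {
    try {
        echo 'saved row ', save_user($db, $input), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), PHP_EOL;
    }
}

// The quote characters were stored as data; the statement itself never changed.
foreach ($db->query('SELECT id, name, age FROM users') as $row) {
    echo $row['id'], ' ', $row['name'], ' ', $row['age'], PHP_EOL;
}
```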
- aceconcepts
- DevNet Resident
- Posts: 1424
- Joined: Mon Feb 06, 2006 11:26 am
- Location: London