I know two cases to take care of when you make web sites with PHP.
The first is SQL injection, and the second is protecting checkboxes and edits (in some languages they are named "edit"; elements of the pages for searching, for example) against inserted JavaScript, as far as I know.
Are there other cases in PHP development where I should take care of security?
I copy and paste JavaScript from a random web site, for example. Should I take care of security from the aspect of JavaScript?
Cases of care for security, JavaScript
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: Cases of care for security, JavaScript
When it comes to security of a PHP application, there are several things to note, some of them being more theoretical than practical. The aspect of JavaScript would belong to the category of XSS. Security is a large area and there's no easy way to put it in a nutshell.
A secure application handles authentication (login, cookies, passwords, etc.), authorization (proper permissions, etc.), sessions (cookies, identifiers, tokens, etc.), injection attacks (XSS, header injections, SQLi, LDAPi, XPATHi, directory traversal, null byte injections, RCE, etc.), other miscellaneous attacks (CSRF, MITM, LFI, RFI, etc.) properly and follows good and proven principles. It's not always about protecting from a specific attack, but sometimes about the strength of something (e.g. the strength of a key/some system).
SQLi and XSS are the most common types of attacks so start from there.
Re: Cases of care for security, JavaScript
Kia, please tell me books for solving these security problems in PHP.
Thanks in advance