New to PHP want to design web based data entry system, My issue with security, How to authenticate, how to restrict access the pages directly without login, encryption, manage sessions, How professional programs work, Please advise me
Thanks in advance
leulae
Security Advice need
Moderator: General Moderators
Re: Security Advice need
That's a lot of random issues. For starters, how do you wish to restrict page access other than by means of a login? Specific IP's only? (bad idea imho)
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: Security Advice need
Indeed a lot of random issues. For starters, I can only recommend learning PHP first, and only then implement more or less secure systems.
Re: Security Advice need
Learn to crawl before you run, Leulae. Rome wasn't built in a day. However, here are a few points to get you started with what you ask.
Security - Far too broad of an issue to deal with directly.
Authentication - http://www.phpeasystep.com/workshopview.php?id=6
Restrict access to pages without login - Do you mean if someone isn't logged in, then they don't get to see a page? Easily done with sessions (see below) and authentication (see above)
Sessions - http://www.tizag.com/phpT/phpsessions.php
Security - Far too broad of an issue to deal with directly.
Authentication - http://www.phpeasystep.com/workshopview.php?id=6
Restrict access to pages without login - Do you mean if someone isn't logged in, then they don't get to see a page? Easily done with sessions (see below) and authentication (see above)
Sessions - http://www.tizag.com/phpT/phpsessions.php
Re: Security Advice need
Thank you all
Re: Security Advice need
very simple steps
1. $_GET:allow only alphanumeric
2. if ur using ?page=1 ...etc, make sure $page=(int)$_GET['page']; //thats the easiest way to sanitize numbers.
and lots more ...but first learn PHP
1. $_GET:allow only alphanumeric
2. if ur using ?page=1 ...etc, make sure $page=(int)$_GET['page']; //thats the easiest way to sanitize numbers.
and lots more ...but first learn PHP