PHP Vulnerability
Posted: Mon Feb 17, 2014 4:52 pm
I'm a VERY beginner PHP programmer. So far I've build an Admin back-end that lets me input data into the server database and I've also build pages that query the database and display info from that database. It's all very top-level generic stuff.
My question is, how vulnerable is generic PHP? If I don't have any fancy admin calls/function is it possible for hackers to just utilize any PHP page and execute code or hacks on the server level?
I've belonged to PHP forums before (IPB and PHPBB) and they've all had security failures... but is that because their code is so complex and extensive (and includes things like email functions) that they're easier to hack and use to execute malicious code?
In short... is ANY php page vulnerable to attack or is the PHP's vulnerability dependent on what kind of scripts you're implementing?
And if any page is vulnerable, are there basic protections that can/should be put in place to protect a site?
Thanks in advance.
My question is, how vulnerable is generic PHP? If I don't have any fancy admin calls/function is it possible for hackers to just utilize any PHP page and execute code or hacks on the server level?
I've belonged to PHP forums before (IPB and PHPBB) and they've all had security failures... but is that because their code is so complex and extensive (and includes things like email functions) that they're easier to hack and use to execute malicious code?
In short... is ANY php page vulnerable to attack or is the PHP's vulnerability dependent on what kind of scripts you're implementing?
And if any page is vulnerable, are there basic protections that can/should be put in place to protect a site?
Thanks in advance.