Allow users to add content to a web page

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
kippy
Forum Commoner
Posts: 84
Joined: Wed Jun 07, 2006 8:25 pm

Allow users to add content to a web page

Post by kippy »

I was wondering is there a safe way to allow a user to login to a system and update a web page(s) via a wysiwyg editor safely without allowing a random user from hacking in via sql injection, etc.? I plan to all unknown users to have access and control over one(possibly more) web pages where they can control the look and content of the provided area, but I worry about hacking individuals vandilizing the database and messing with other users pages. Any suggestions? or is this something I should worry about?

Thanks!
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: Allow users to add content to a web page

Post by Mordred »

Umm, yees...
Check any wiki, any forum, any blog, any CMS.
Post Reply