Today's Question:  What does your personal desk look like?        GIVE A SHOUT

 ALL


  Handy PHP functions should be in your toolkit

When developing projects, there are always some common work should be accomplished, for example, encrption/decryption, get IP. As a PHP developer, you should have a list of the handy functions in your toolkit so that you can pick up in every project you work on. Here is a summary of some handy PHP functions.1. PHP encryption/decryptionEncryption/decryption can be used when storing user confidential information such as passwords. Below function uses base64 and MD5 to accomplish encryption/decryption.function encryptDecrypt($key, $string, $decrypt){ if($decrypt){ $decrypted = rtrim(m...

4,901 0       PHP SQL INJECTION FUNCTION REAL IP


  Useful functions to provide secure PHP application

Security is a very important aspect of programming. There are many functions or modules in any kind of real programming language providing security functionalities  In modern websites, we may often get inputs form users all around the world.There is a famous saying which says that never trust user input. So in web programming languages, we will often see functions which will guarantee the security of the data input from users. Today we will cover some of these functions in the most famous open source language  - PHP.In PHP, there are few useful functions which is very handy for preve...

25,896 0       PHP SECURITY SQL INJECTION XSS AJAX


  Never ever touch a programmer

This is a technical license plate block example. We don't know whether it is working or not, however, the idea is very good. When you drive through some of the junctions, the camera captures the license number and convert it into text with OCR, and then insert them into the database. Therefore, this license plate on the car becomes a SQL injection. This picture tells us -- never trust user input.Author : 陈皓 Source : http://coolshell.cn/articles/6639.html#more-6639...

45,828 0       SQL INJECTION PROGRAMMER


  SQL Injection through HTTP Headers

During vulnerability assessment or penetration testing, identifying the input vectors of the target application is a primordial step. Sometimes, when dealing with Web application testing, verification routines related to SQL injection flaws discovery are restricted to the GET and POST variables as the unique inputs vectors ever. What about other HTTP header parameters? Aren’t they potential input vectors for SQL injection attacks? How can one test all these HTTP parameters and which vulnerability scanners to use in order to avoid leaving vulnerabilities undiscovered in parts of the appl...

20,475 0       SQL INJECTION CODE SECURITY HTTP HEADER


  PHP Security

1. IntroductionWriting PHP applications is pretty easy. Most people grasp the syntax rather quickly and will within short time be able to produce a script that works using tutorials, references, books, and help forum forums like the one we have here at PHP Freaks. The problem is that most people forget one of the most important aspects that one must consider when writing PHP applications. Many beginners forget the security aspect of PHP. Generally, your users are nice people, they will do as they are told and you will have no problem with these people whatsoever. However, some people...

30,488 0       PHP SECURITY SQL INJECTION XSS CROSS SIT