want to join us? register, it's easy | help

browse by tag: secure

sort by

newest, oldest, most popular


category icon

PHP Security: GET - include

in PHP added by CombinedMinds, on 4/10/2007 get include security

You often find websites with serious but simple to fix security flaws. In this series we will talk about this. This time about GET - include problems.

comment save report
category icon

Traverse Directories the Easy Way with Glob

in PHP added by Wildhoney, on 16/9/2007 file handling security session sessions web

There is a powerful yet somewhat unheard of function in PHP titled glob(). Many beginners and intermediates alike struggle with the traversing of directories. Acquiring the directories contents and returning them in a readable format. If only they know how so very easy this task was!

comment save report
category icon

Understanding the Life of a Session

in PHP added by Wildhoney, on 15/9/2007 advanced tutorials security session sessions

One of the most vast misconceptions in the PHP world is how sessions really do work. I'm fairly confident most of us know how to start sessions, terminate sessions, regenerate session IDs and easily pass data from 1 page to another. But do you really know how they work inside out?

comment save report
category icon

Securing your MySQL queries with sprintf

in PHP added by Wildhoney, on 13/9/2007 programming security sessions

Sprintf in itself will not secure a MySQL query from head to toe. That should be made clear from the word go. There are many more techniques that go into ensuring a MySQL statement is safe to execute on the MySQL server. Sprintf will, however, take a lot of the sting out of any malice.

Not only will your new found knowledge help you when it comes to security, but sprintf and its twin brother with a slight genetic mismatch, printf, are on hand to make your PHP code look a lot more programmer-friendly.

comment save report
category icon

PHP Security: Sending an email

in PHP added by CombinedMinds, on 10/9/2007 email mail security

You probably wouldn't expect it, but the well known function mail() is a often a goldmine for spammers. In this tutorial we'll talk about the danger of using mail() in your PHP powered website.

comment save report
category icon

The fastest way to see how many people are online at your site

in PHP added by Nikolas, on 2/9/2007 cookies and sessions online security session

A quick way to see how many people are browsing your site for php enabled web sites.

comment save report
category icon

PHP Security: SQL Injection

in PHP added by CombinedMinds, on 26/8/2007 security sql injection

This tutorial will explain SQL Injection. A very common security flaw not much people take serious because its a little bit harder for a cracker to hack.

comment save report
category icon

Protecting a Page with Sessions

in PHP added by Dale, on 26/7/2007 cookies and sessions login logout password secure sessions

In this tutorial you will learn how to login using a passcode to view stuff on pages that you have hidden, then also logout. It is all secured by Sessions.

comment save report
category icon

Basic image captcha

in PHP added by FiSh, on 11/6/2007 captcha gdlib image image verification security

Create a basic image captcha script for your forms.

comment save report
category icon

PHP Abstract Episode 1 - PHP Secuity Tips

in PHP added by CalEvans, on 6/6/2007 podcast security

Eli talks to us about practical tips you can use to help make your application more secure.

comment save report
category icon

Avoiding RFIs

in PHP added by FiSh, on 4/6/2007 file inclusion remote file include rfi security

These are some simple tips to prevent coding RFIs (Remote File Includes) into your PHP scripts.

comment save report
category icon

SQL Injection Walkthrough

in PHP added by goodphptutorials, on 13/2/2007 injection security sql

The following article will try to help beginners with grasping the problems facing them while trying to utilize SQL Injection techniques, to successfully utilize them, and to protect themselves from such attacks.

comment save report
category icon

Secure PHP installation on unix/linux systems

in PHP added by quipo, on 27/1/2007 apache howto linux php php5 security unix

Simple guide to a more secure PHP installation on unix/linux systems

comment save report
category icon

Secure File Upload with PHP

in PHP added by Nolte, on 18/1/2007 file handling file upload security tips

PHP makes uploading files easy. You can upload any type of file to your Web server. In spite of security issues that should be addressed before enabling file uploads, the actual mechanisms to allow this are straight forward. In this tutorial we will consider how to upload files to some directory on your Web server. We will also discuss security issues concerned with the file uploading.

comment save report
category icon

Login - Logout with a Session in 1 file

in PHP added by goodphptutorials, on 13/1/2007 security session user user authentication

Create a file for Login and Logout (PHP + MySQL) using with a SESSION variable. This file contains Login form, Login authorize program and Logout program.

comment save report
category icon

The 10 mistakes you should avoid with PHP

in PHP added by regindk, on 10/1/2007 advanced tutorials mysql php security

A list of the 10 most common mistakes done by PHP developers and how to avoid them.

comment save report
category icon

Pro PHP Security / Preventing SQL Injection

in PHP added by goodphptutorials, on 12/11/2006 security

PHP is an extremely powerful yet easy-to-learn scripting language, affording even relatively inexperienced programmers the opportunity to create complex, dynamic websites. It is, however, notoriously difficult to ensure privacy and security of internet services.

comment save report
category icon

How to Encrypt Passwords in the Database

in PHP added by goodphptutorials, on 16/9/2006 security

If you are developing a password-protected web site, you have to make a decision about how to store user password information securely. This article will show you how to encrypt user passwords with md5 algorithm and how to start using encrypted passwords if you already have users database ready.

comment save report
category icon

XSS, Cookies, and Session ID Authentication ? Three Ingredients for a Successful Hack

in PHP added by goodphptutorials, on 14/8/2006 attack bug cross site scripting security xxs

Cross site scripting (XSS) errors are generally considered nothing more than a nuisance ? most people do not realize the inherent danger these types of bugs create. In this article Seth Fogie looks at a real life XSS attack and how it was used to bypass the authentication scheme of an online web application, leading to "shell" access to the web server.

comment save report
category icon

Password Hashing

in PHP added by goodphptutorials, on 29/5/2006 security

In this article I'm going to cover password hashing, a subject which is often poorly understood by newer developers. Recently I've been asked to look at several web applications which all had the same security issue - user profiles stored in a database with plain text passwords.

comment save report
category icon

Writing Secure PHP

in PHP added by goodphptutorials, on 8/5/2006 security

PHP is a very easy language to learn, and many people without any sort of background in programming learn it as a way to add interactivity to their web sites. Unfortunately, that often means PHP programmers, especially those newer to web development, are unaware of the potential security risks their web applications can contain. Here are a few of the more common security problems and how to avoid them.

comment save report
category icon

Visual Verification in PHP

in PHP added by goodphptutorials, on 8/4/2006 captcha security spam

Verification of form data is used to determine whether or not the submission is from a user or from a "bot". Most forms now include image verification for just this reason. This article will demonstrate how to create a simplified image verification system..

comment save report
category icon

PHP Security Image

in PHP added by goodphptutorials, on 3/4/2006 captcha image media security

This in depth tutorial will show you how to create a security image to prevent bots from flood-registering your site.

comment save report
category icon

SQL Injections with Microsoft SQL & Sybase

in PHP added by goodphptutorials, on 17/3/2006 security

Microsoft SQL and Sybase use a different method to escape quotes, which means they need special treatment when it comes to SQL Injections in PHP.

comment save report
category icon

SQL Injections in PHP with MySQL

in PHP added by goodphptutorials, on 16/3/2006 get post security session sql injection

SQL injections are a major security risk in many PHP applications. Injections are caused when a web developer allows the end-user to manipulate a variable that is being inserted into a database query string, generally through the $_GET, $_POST or $_SESSION superglobals

comment save report