want to join us? register, it's easy | help

browse by tag: secure

sort by

newest, oldest, most popular


category icon

XSS, Cookies, and Session ID Authentication ? Three Ingredients for a Successful Hack

in PHP added by goodphptutorials, on 14/8/2006 attack bug cross site scripting security xxs

Cross site scripting (XSS) errors are generally considered nothing more than a nuisance ? most people do not realize the inherent danger these types of bugs create. In this article Seth Fogie looks at a real life XSS attack and how it was used to bypass the authentication scheme of an online web application, leading to "shell" access to the web server.

comment save report
category icon

Introduction to HTTP Response Splitting

in PHP added by goodphptutorials, on 4/12/2005 cross site scripting security vulnerabities xss

This is a fairly new web application vulnerability. It can be used for the following purposes.

comment save report
category icon

PHP Security: SQL Injection

in PHP added by CombinedMinds, on 26/8/2007 security sql injection

This tutorial will explain SQL Injection. A very common security flaw not much people take serious because its a little bit harder for a cracker to hack.

comment save report
category icon

Understanding the Life of a Session

in PHP added by Wildhoney, on 15/9/2007 advanced tutorials security session sessions

One of the most vast misconceptions in the PHP world is how sessions really do work. I'm fairly confident most of us know how to start sessions, terminate sessions, regenerate session IDs and easily pass data from 1 page to another. But do you really know how they work inside out?

comment save report
category icon

Avoiding RFIs

in PHP added by FiSh, on 4/6/2007 file inclusion remote file include rfi security

These are some simple tips to prevent coding RFIs (Remote File Includes) into your PHP scripts.

comment save report
category icon

How to Encrypt Passwords in the Database

in PHP added by goodphptutorials, on 16/9/2006 security

If you are developing a password-protected web site, you have to make a decision about how to store user password information securely. This article will show you how to encrypt user passwords with md5 algorithm and how to start using encrypted passwords if you already have users database ready.

comment save report
category icon

SQL Injections with Microsoft SQL & Sybase

in PHP added by goodphptutorials, on 17/3/2006 security

Microsoft SQL and Sybase use a different method to escape quotes, which means they need special treatment when it comes to SQL Injections in PHP.

comment save report