browse by tag: security
sort by
Decoding a User Space Encoded PHP Script
in PHP added by goodphptutorials, on 14/5/2010 advanced tutorials encryption security
Every once in a while a new PHP encryption tool/service pops up and offers PHP “encryption”. Therefore the idea behind php-crypt that was announced today in the PHP Development forum of Xing is nothing new. Infact there are two types of PHP encryption systems source code obfuscators/encryptors/encoders and bytecode obfuscators/encryptors/encoders.
comment save report
The Horrors of C99.php
in PHP added by goodphptutorials, on 22/2/2010 c99 security
If you were a sysadmin a few years ago, and you had php on your servers, you’re probably already familiar with c99.
comment save report
User authentication with a secure cookie protocol in PHP
in PHP added by goodphptutorials, on 14/2/2010 advanced tutorials authentication cookie hmac security
The use of cookies introduces a few security issues. The data in the cookie is stored in plain text and can easily be modified or hijacked. Liu et al. (2005) propose a secure cookie protocol which we will use as a guideline in this example.
comment save report
Creating a secure PHP contact form
in PHP added by sneakybox, on 6/10/2009 contact form mysql php5 secure
An in-depth tutorial explaining how to create a spammer-stopping PHP contact form for your website.
comment save report
Image watermark with PHP
in PHP added by webmonitore, on 22/5/2009 advanced tutorials beginner tutorials content management general php5 security
To prevent quality images being stolen, we can use PHP to watermark web-images in popular formats like GIF/PNG/JPEG. We print a transparent gif-image on a jpeg-photo in this tutorial.
1 comment save report
10 Advanced PHP Tips Revisited
in PHP added by goodphptutorials, on 23/4/2009 beginner tutorials security tips
Because of PHP's huge popularity, it has become almost impossible for Web developers not to have at least a working knowledge of PHP. This tutorial is aimed at people who are just past the beginning stages of learning PHP and are ready to roll up their sleeves and get their hands dirty with the language. Listed below are 10 excellent techniques that PHP developers should learn and use every time they program. These tips will speed up proficiency and make the code much more responsive, cleaner and more optimized for performance.
1 comment save report
PHP and AJAX - Make a Password Strength Bar that Updates in Real-time
in PHP added by scott25, on 2/2/2009 beginner tutorials databases general mysql security
This tutorial will show you how to make a very simple feature which will help your users make more secure passwords, in registration forms. After the user types their password, this script will make a request to a PHP page, which will check the password for lowercase letters, uppercase letters, numbers and symbols. Without reloading the page, a bar displaying the strength of the password will be shown to the user.
5 comments save report
5 Helpful Tips for Creating Secure PHP Applications
in PHP added by goodphptutorials, on 2/1/2009 advanced tutorials security
PHP is one of the most popular programming languages for the web. Sometimes a feature-friendly language can help the programmer too much, and security holes can creep in, creating roadblocks in the development path. In this tutorial, we will take a look at 5 tips to help you avoid some common PHP security pitfalls and development glitches.
1 comment save report
The adventure of PHP and the magic quotes
in PHP added by goodphptutorials, on 19/12/2008 beginner tutorials compatibility security
Back in PHP 2, the “magic quotes” setting seemed like a great idea. It would automatically escape all of your input so you didn’t have to worry about those pesky SQL injections. Any dodgy characters entered by the user would be automatically escaped by a backslash.
comment save report
The Truth about Sessions
in PHP added by goodphptutorials, on 22/10/2008 advanced tutorials security session
Nearly every PHP application uses sessions. This article takes a detailed look at implementing a secure session management mechanism with PHP. Following a fundamental introduction to HTTP, the challenge of maintaining state, and the basic operation of cookies, I will step through simple and effective methods that can be used to increase the security and reliability of your stateful PHP applications.
comment save report
Random Password Generation
in PHP added by clearnetwork, on 15/7/2008 beginner tutorials general random security
A common feature found on many websites upon user registration are random passwords. This tutorial will walk you through a script that generates a random password to a given length.
comment save report
How to encrypt user info with php
in PHP added by jinxit, on 2/7/2008 encryption md5 salt security
If you run a serious webpage where you save login information for your members to a database it is generally a very good idea to perform some kind of encryption on these password to prevent the information to be shared in case your datebase would be hacked. This tutorial shows you how to do this.
comment save report
Creating a CAPTCHA image with security code to validate forms
in PHP added by tutorialhelpdesk, on 5/3/2008 captcha form validation image security
In this tutorial you will learn to create a security code image generator, or a CAPTCHA image, that is so helpful against spammers.
comment save report
How to Use PHP's Crypt() Function to Encrypt and Check a Password
in PHP added by Walkere, on 28/1/2008 beginner tutorials encryption passwords php5 security
This tutorial will walk you through using PHP's crypt() function to effectively encrypt a password for storage in a database and later check that password against a user's input.
comment save report
Complete advanced login member system
in PHP added by ineedtutorials, on 17/1/2008 advanced tutorials content management database login mysql security
This tutorial will show you how to create an advanced member login system with PHP, users can register, change password, email activation is included.
comment save report
PHP Captcha Tutorial (in-depth)
in PHP added by techusky, on 2/1/2008 advanced tutorials captcha php5 security verification
This CAPTCHA script allows a user to easily customize things such as the string length, minimum and maximum font size, image size, the font used, and even the characters used, etc... Unlike most CAPTCHA scripts that generate the random text based on an md5 hash of the time, this one lets the user input specific numbers, uppercase, and lowercase characters they want used (or don't want used) in the creation of the CAPTCHA image. It also assures, regardless of the length of the string, that there is at least both 1 random upper and lowercase character in the string, thus making it more difficult for bots. Another feature in this script is that it randomly rotates each character on the image.
comment save report
Creating a simple login script with php and mysql
in PHP added by ineedtutorials, on 31/12/2007 beginner tutorials content management mysql security
Learn to create a simple login system with php and mysql in 7 simple steps
comment save report
Apache Tips and Tricks: Hide PHP version (X-Powered-By)
in PHP added by goodphptutorials, on 30/12/2007 apache headers security
You can configure apache to provide only a minimal amount of information about the installed software versions in its banner. But if you are using the PHP module in your web server (as most of us are), then there is one additional step that need to be completed, and this is what I will show you in this tip.
comment save report
Better Sessions
in PHP added by goodphptutorials, on 25/10/2007 cookies and sessions ip security session hijack
Sessions have inherent problems, as most developers know. A session ID can be easily hijacked, and that can cause major problems with security in a website. There are ways around this - in PHP you can set up sessions so that the session ID can only be transmitted using cookies, but then you prevent those without cookies from logging in. One way around this problem is to tie your session ids to the user's IP address.
comment save report
PHP Security: GET - include
in PHP added by CombinedMinds, on 4/10/2007 get include security
You often find websites with serious but simple to fix security flaws. In this series we will talk about this. This time about GET - include problems.
comment save report
Traverse Directories the Easy Way with Glob
in PHP added by Wildhoney, on 16/9/2007 file handling security session sessions web
There is a powerful yet somewhat unheard of function in PHP titled glob(). Many beginners and intermediates alike struggle with the traversing of directories. Acquiring the directories contents and returning them in a readable format. If only they know how so very easy this task was!
comment save report