
Other Ways To Secure A Portal PHP - Programming - Nairaland


Other Ways To Secure A Portal PHP by uvalued(m): 6:13pm On Jan 11, 2017
Greetings to you all.

We have been designing a departmental portal for a small school using PHP and MySQL.

Now, on the issue of security, we were able to do the following:
1. Made sure we used PDO
2. Used preg_replace to replace any text/number from the textbox

But with the rapid increase in security threats, I felt I needed to ask the gurus to suggest how to protect the database and the portal.

Hopefully I want to learn BackTrack to subject the portal to tests for holes etc. Until then, please kindly suggest other means of securing the portal.

Thank you.
Re: Other Ways To Secure A Portal PHP by talk2hb1(m): 8:21pm On Jan 11, 2017
XSS, SQL INJECTION, XSRF, DDOD, etc
Re: Other Ways To Secure A Portal PHP by uvalued(m): 11:36pm On Jan 11, 2017
talk2hb1:
XSS, SQL INJECTION, XSRF, DDOD, etc
Thanks. With preg_replace, XSS and SQL injection will be handled quite successfully, don't you think so...
Re: Other Ways To Secure A Portal PHP by talk2hb1(m): 11:50pm On Jan 11, 2017
uvalued:

Thanks. With preg_replace, XSS and SQL injection will be handled quite successfully, don't you think so...
It depends
Re: Other Ways To Secure A Portal PHP by Nobody: 6:30am On Jan 12, 2017
uvalued:

Thanks. With preg_replace, XSS and SQL injection will be handled quite successfully, don't you think so...
That's a hack. Preg-replacing these things would harm you. How many different use cases for preventing XSS and SQL injection is your fancy regex going to take into consideration?

SQL injection? Use prepared statements.
XSS? Use the html_entities function.

https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
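
An added example (not code from any poster in this thread) contrasting the regex filtering discussed above with the prepared-statement and output-encoding advice in the last reply. It assumes the pdo_sqlite extension, with an in-memory database standing in for the portal's MySQL; the `students` table, the function names, the whitelist pattern and the sample input are constructed for illustration, and PHP's built-in `htmlspecialchars` is used for the output encoding.

```php
<?php
declare(strict_types=1);

// Constructed sample input: a legitimate surname with an apostrophe,
// followed by markup that must never reach the browser unescaped.
$input = "O'Brien <script>alert(1)</script>";

// Regex filtering (hypothetical whitelist pattern): it corrupts real names
// and knows nothing about the context the value is later used in.
function regexFilter(string $value): string
{
    return (string) preg_replace('/[^A-Za-z0-9 ]/', '', $value);
}

// SQL context: bound parameters keep the data separate from the query text.
function saveStudent(PDO $db, string $name): int
{
    $stmt = $db->prepare('INSERT INTO students (name) VALUES (:name)');
    $stmt->execute([':name' => $name]);
    return (int) $db->lastInsertId();
}

function loadStudent(PDO $db, int $id): string
{
    $stmt = $db->prepare('SELECT name FROM students WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return (string) $stmt->fetchColumn();
}

// HTML context: encode when writing the page, not when reading the form.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Assumption: in-memory SQLite replaces the portal's MySQL connection.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');

$id = saveStudent($db, $input);
$stored = loadStudent($db, $id);

echo 'regex filter : ', regexFilter($input), PHP_EOL;
echo 'stored intact: ', var_export($stored === $input, true), PHP_EOL;
echo 'html output  : <td>', h($stored), '</td>', PHP_EOL;
```

The value is stored byte-for-byte through the bound parameter and only encoded when it is written into HTML, so the apostrophe in the name survives while the markup is rendered as text.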
