Stats: 1,845,850 members, 3,675,834 topics. Date: Sunday, 23 July 2017 at 01:43 AM

Other Ways To Secure A Portal PHP - Programming - Nairaland


Other Ways To Secure A Portal PHP by uvalued(m): 6:13pm On Jan 11
Greetings to you all.

We have been designing a departmental portal for a small school using PHP and MySQL.

Now, on the issue of security, we were able to do the following:
1. made sure we used PDO
2. used preg_replace to replace any text/number from textbox

But with the rapid increase in security threats, I felt I needed to inquire from gurus to suggest how to protect the database and the portal.

Hopefully I want to learn BackTrack to subject the portal to tests for holes etc. Until then, please kindly suggest other means of securing the portal.

Thank you
Re: Other Ways To Secure A Portal PHP by talk2hb1: 8:21pm On Jan 11
XSS, SQL INJECTION, XSRF, DDOD, etc
Re: Other Ways To Secure A Portal PHP by uvalued(m): 11:36pm On Jan 11
talk2hb1:
XSS, SQL INJECTION, XSRF, DDOD, etc
Thanks, with preg_replace XSS and SQL injection will be handled quite successfully, don't you think so...
Re: Other Ways To Secure A Portal PHP by talk2hb1: 11:50pm On Jan 11
uvalued:

Thanks, with preg_replace XSS and SQL injection will be handled quite successfully, don't you think so...
It depends
Re: Other Ways To Secure A Portal PHP by Nobody: 6:30am On Jan 12
uvalued:

Thanks, with preg_replace XSS and SQL injection will be handled quite successfully, don't you think so...
That's a hack. Preg replacing these things would harm you. How many different use cases for preventing XSS and SQL injection is your fancy regex going to take into consideration?

SQL injection? Use prepared statements.
XSS? Use the html_entities function

https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
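
The contrast drawn in the last reply, as an added example that is not part of any post in this thread: a character-stripping regex alters legitimate data, while a PDO prepared statement stores the value unchanged and encoding happens only at HTML output. The `students` table, the function names and the sample input are assumptions; SQLite in memory stands in for the portal's MySQL database so the script runs offline, and the output function uses PHP's built-in, which is spelled `htmlentities()`.

```php
<?php
declare(strict_types=1);

// Assumption: in-memory SQLite replaces the portal's MySQL database;
// the prepare/execute calls are the same with a mysql: DSN.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');

// Approach from the opening post: strip "unsafe" characters with a regex.
function regexFilter(string $input): string
{
    return preg_replace('/[^A-Za-z0-9 ]/', '', $input) ?? '';
}

// Prepared statement: the value is bound as data and never parsed as SQL.
function addStudent(PDO $pdo, string $name): int
{
    $stmt = $pdo->prepare('INSERT INTO students (name) VALUES (:name)');
    $stmt->execute([':name' => $name]);
    return (int) $pdo->lastInsertId();
}

function getStudentName(PDO $pdo, int $id): string
{
    $stmt = $pdo->prepare('SELECT name FROM students WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return (string) $stmt->fetchColumn();
}

// Encode when writing into an HTML body or quoted attribute, not on input.
function h(string $value): string
{
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input: a legitimate name with a quote, angle brackets and "&".
$input = "Ngozi O'Brien <Maths & Stats>";

echo 'regex filter      : ', regexFilter($input), PHP_EOL; // characters silently dropped
$id     = addStudent($pdo, $input);
$stored = getStudentName($pdo, $id);
echo 'stored unchanged  : ', var_export($stored === $input, true), PHP_EOL;
echo 'encoded for HTML  : ', h($stored), PHP_EOL;
```

Encoding with `h()` covers HTML body and quoted-attribute contexts; values placed in JavaScript, URLs or CSS need the context-specific encoding described in the OWASP cheat sheet linked above.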
