Stats: 1,916,658 members, 3,930,577 topics. Date: Friday, 24 November 2017 at 06:49 AM

Other Ways To Secure A Portal PHP - Programming - Nairaland


Other Ways To Secure A Portal PHP by uvalued(m): 6:13pm On Jan 11
Greetings to you all.

We have been designing a departmental portal for a small school using PHP and MySQL.

Now on the issue of security: we were able to do the following:
1. Made sure we used PDO
2. Used preg_replace to replace any text/number from textbox

But with the rapid increase in security threats, I felt I need to inquire from gurus to suggest how to protect the database and the portal.

Hopefully I want to learn BackTrack to subject the portal to tests for holes etc. Until then, please kindly suggest other means of securing the portal.

Thank you
Re: Other Ways To Secure A Portal PHP by talk2hb1: 8:21pm On Jan 11
XSS, SQL INJECTION, XSRF, DDOD, etc
Re: Other Ways To Secure A Portal PHP by uvalued(m): 11:36pm On Jan 11
talk2hb1:
XSS, SQL INJECTION, XSRF, DDOD, etc
Thanks. With preg_replace, XSS and SQL injection will be handled quite successfully, don't you think so...
Re: Other Ways To Secure A Portal PHP by talk2hb1: 11:50pm On Jan 11
uvalued:

Thanks. With preg_replace, XSS and SQL injection will be handled quite successfully, don't you think so...
It depends
Re: Other Ways To Secure A Portal PHP by Nobody: 6:30am On Jan 12
uvalued:

Thanks. With preg_replace, XSS and SQL injection will be handled quite successfully, don't you think so...
That's a hack. Preg replacing these things would harm you. How many different use cases for preventing XSS and SQL injection is your fancy regex going to take into consideration?

SQL injection? Use prepared statements.
XSS? Use the html_entities function

https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
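
Added example, not part of any post in this thread: a PHP sketch of the two controls named in the last reply (PDO prepared statements for SQL, output encoding for HTML) next to a regex filter of the kind the thread describes. The `students` table, the function names, the regex and the sample input are constructed for illustration; an in-memory SQLite database stands in for MySQL, and PHP's built-in `htmlspecialchars` is used for the encoding step.

```php
<?php
declare(strict_types=1);

// In-memory SQLite stands in for the portal's MySQL database (assumption).
// With MySQL, also set PDO::ATTR_EMULATE_PREPARES to false for native prepares.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT, note TEXT)');

// Hypothetical regex filter: strips everything except letters, digits, spaces.
function regexFilter(string $in): string
{
    return preg_replace('/[^A-Za-z0-9 ]/', '', $in);
}

// Store the input unchanged; placeholders keep it out of the SQL text.
function addStudent(PDO $pdo, string $name, string $note): int
{
    $stmt = $pdo->prepare('INSERT INTO students (name, note) VALUES (:name, :note)');
    $stmt->execute([':name' => $name, ':note' => $note]);
    return (int) $pdo->lastInsertId();
}

function findByName(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT id, name, note FROM students WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Encode at output time, for an HTML body or quoted-attribute context.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input: a legitimate name with an apostrophe, a note with markup.
$name = "Chidi O'Neil";
$note = '<b>Maths & Physics</b>';
addStudent($pdo, $name, $note);

// The regex filter silently corrupts the legitimate name.
echo 'filtered: ', regexFilter($name), "\n";

// The bound parameter stores it intact; h() makes it inert when rendered.
$row = findByName($pdo, $name)[0];
echo 'rendered: ', h($row['name']), ' | ', h($row['note']), "\n";

// A quote-bearing value is compared as data, so it simply matches no row.
echo 'matches:  ', count(findByName($pdo, "x' OR '1'='1")), "\n";
```

Encoding belongs at the point of output and depends on the context (HTML body, attribute, JavaScript, URL), which is what the OWASP cheat sheet linked above covers.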
