1. Set register_globals to off to avert form injection with malicious data.
2. Set error_reporting to E_ALL so that all variables will be initialized before using them.
3. Make use of htmlentities(), strip_tags(), utf8_decode() and addslashes() for filtering malicious data in PHP.
4. Prevent SQL injection attacks by using mysql_escape_string().
5. User Input Sanitization: Never believe web user submitted data. Follow best client side data validation performance with normal terms before submitting data to the supply.
6. Form Submission Key Validation: A singleton technique can be used to create a session form key and validate the form being submitted for the equal value alongside hidden form key parameters.
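
The form key check from item 6, as an added example that is not part of the original post: a per-form key is stored in the session, emitted as a hidden field, and compared on submission. It uses plain functions rather than a singleton; the function names, the `form_key` field name and the `$session` array standing in for `$_SESSION` are assumptions of this example.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers (names are this example's own). $session stands in
// for $_SESSION so the script also runs from the CLI without session_start().

function issue_form_key(array &$session, string $formId): string
{
    // 32 bytes from the CSPRNG; predictable keys (time(), uniqid()) defeat the check.
    $key = bin2hex(random_bytes(32));
    $session['form_keys'][$formId] = $key;
    return $key;
}

function render_hidden_field(string $key): string
{
    return '<input type="hidden" name="form_key" value="'
        . htmlspecialchars($key, ENT_QUOTES, 'UTF-8') . '">';
}

function validate_form_key(array &$session, string $formId, array $post): bool
{
    $expected = $session['form_keys'][$formId] ?? null;
    // Single use: discard the stored key whether or not the check passes.
    unset($session['form_keys'][$formId]);

    $submitted = $post['form_key'] ?? null;
    if (!is_string($expected) || !is_string($submitted)) {
        return false; // key missing, or sent as an array (form_key[]=x)
    }
    // Constant-time comparison of the session key with the hidden field value.
    return hash_equals($expected, $submitted);
}

// Constructed demonstration data.
$session = [];
$key = issue_form_key($session, 'profile');
echo render_hidden_field($key), PHP_EOL;

var_dump(validate_form_key($session, 'profile', ['form_key' => $key])); // genuine submit
var_dump(validate_form_key($session, 'profile', ['form_key' => $key])); // replay of a used key
issue_form_key($session, 'profile');
var_dump(validate_form_key($session, 'profile', ['form_key' => str_repeat('0', 64)])); // forged key
var_dump(validate_form_key($session, 'profile', []));                   // field absent
```

In a web request, pass `$_SESSION` and `$_POST` after `session_start()`, and reject the submission before any state change when validation fails.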