Home » » PHP method of securely Tips

PHP method of securely Tips

08:09

PHP method of securely website

PHP Web security tips

Passwords used within your PHP application
 should always be encrypted. If the server you
are using does not support mcrypt(), use crypt() to
encrypt the password entered during the login,
then check this against the stored encrypted password.

Cryptography is just a part of a secure solution as it can
 only be used once data has been received by the server.


 You may also need to take advantage of SSL connections
 in your Web sites. SSL, which stands for Secure Sockets Layer,
 is a method of securely transmitting information between a
 client the Web browser and the server. Utilization of SSL
connections indicated by the https://prefix in a URL is a
must for e-commerce applications. You can also specify
that cookies are sent over a SSL connection by setting the
 proper parameters when using the setcookie() function.
Check with your ISP or server administrator to see if SSL
 connections are supported on the machine you are using.

Security Resources.




There are literally dozens upon dozens of Web sites you can
 visit to keep yourself informed of pertinent security issues. The most prominent four, in my opinion, are:

Computer Response Emergency Team (http://www.cert.org)

Security Focus (http://www.security-focus.com)

Packet Storm (http://packetstorm.securify.com)

World Wide Web Consortium (http://http://www.w3.org/Security/Faq/www-security-faq.html)

There are also any number of books available ranging from those that generically discuss security to those that will assist in establish secure Windows NT or Linux Web servers.

With respect to PHP, do not forget to read the PHP manual's
section on security. Also review the security section of the
documentation for the database you are using on the server.
 Some, such as MySQL's manual, includes tips specifically
 with respect to using PHP and MySQL.









Categories: 
Related Posts:
  • MySQL with php The basic steps of performing a query, whether using the mysql command-line tool or PHP, are the same:Connect to the database.Select the database to use.Build a SELECT statement.Perform the query.Display the results. Wh… Read More
  • Create Login page php-Php code  Create Login page php <?php             session_start();             $host="localhost"; // Host name &n… Read More
  • Building Dynamic Images-PHP You want to create an image based on a existing image template and dynamic data typically text). For instance, you want to create a hit counter. Load the template image, find the correct position to properly cente… Read More
  • Showing the Local Time in Other Time Zones Showing the Local Time in Other Time Zones Sometimes, you want  to show a formatted time in the current time zone and inother time zones as well. The following script shows a full textual date representation for the U.S… Read More
  • PHP while Loop PHP while Loop with code while - loops run  a set of code as  the  condition is true. Basic Syntaxwhile (condition){    code for executed;}<?php$k=1;while($k<=5) {  echo "The numbe… Read More
  • Php Date or Time Simplest display of date or time is telling your users what time it is. Use the date( ) or strftime( ) strftime( ) says: Wed Oct 20 12:00:00 2004date( ) says: Wed, 20 Oct 2004 12:00:00 -0400 Both strftime( ) and date( )… Read More
  • var_dump and print_r -PHP-standard Functions like var_dump and print_r are also invaluable when debugging var_dump var_dump functions displays information about variables in a simple, readable  format. This function is very useful when debugging—p… Read More
  • php-Dynamic Variables Sometimes it is useful to set and use variables dynamically.  Normally, you assign a variable like this:  $var = "hello";   Now let's say you want a variable whose name is the  value of the $var va… Read More
  • PHP Expressions An expression is the basic building block of the language.  Anything with a value can be thought of as an expression.  Examples include: 5 5+5 $a $a==5 sqrt(9) By combining many of these basic expressions, you… Read More
  • Sorting Arrays-PHP PHP supports a variety of ways to sort an array when  I say sort, I am referring to an alphabetical sort if it is a string,  and a numerical sort if it is a number. When sorting an array,  you must k… Read More
  • security to POST-PHP $_POST  POST-method variables. Form field data from regular  POST-method forms.   PHP automatically creates variables for all the data it receives  in an HTTP request. This can include GET data, POST … Read More
  • PHP Jobs interview-Common Section PHP Syntax Variables Operators Arrays If/Then Statements Switch Statements For Loops Foreach Loops While Loops Do While Loops User-Defined Functions Object Oriented Programming with PHP… Read More
  • strtotime php-current time zone strtotime()parsing is always done with the current time zone, unless a different time zone is specified in the string that is parsed:<?phpecho date("H:i T\n", strtotime("09:22")); // shows 09:22 CETecho date("H:i T\n\n", … Read More
  • Php-Configuration Control Through .htaccess The .htaccessfile is very powerful and can control more than just URL structure. For instance, you can control PHP configuration options using the .htaccessfile. To increase the memory allotted to PHP use this command: php_v… Read More
  • how Installing mod_rewrite localhost If you’ve installed Apache yourself, read on. Because of its  popularity, mod_rewrite is now included with all common  Apache distributions. If desired, you can verify if your Apache installation has the mod_rewr… Read More