• Howdy! Welcome to our community of more than 130.000 members devoted to web hosting. This is a great place to get special offers from web hosts and post your own requests or ads. To start posting sign up here. Cheers! /Peo, FreeWebSpace.net
managed wordpress hosting

PHP/MySQL Vulnerabilities

roblev

New Member
Hiya All,

I was wondering you procedure that you secure your scripts from being hacked or exploited as well as MySQL queries. Any ideas from anyone, I really wanna look into this.
 
use
PHP:
htmlspecialchars()

use this on any variables you echo that the user defines.

for mysql use password() for passwords
 
yeah, i use that already for html being inserted into MySQL, and tha password storage thing, i heard the encryption is weak on it so i use better. I use MD5, it is the standard, microsoft uses it. Wait, MS, shit, nm. Lol, back on topic, any other suggestions?
 
Never rely on register_globals. Try to write scripts that don't rely on register globals. NO unfiltered variables in a query.

Use magic_quotes, or disable magic_quotes and addslash all GET/POST/COOKIE data yourself.
 
MD5 is actually a very good encrypt/decrypt scheme if implemted properly. On a good password it would take a lot of computing time to break it.
 
Originally posted by LastActionHero
MD5 is actually a very good encrypt/decrypt scheme if implemted properly. On a good password it would take a lot of computing time to break it.
u can't decrypt it right? only thru a brute force attack
 
if i remeber correctly, md5 is based on sessions.. or some shit like that.. ok i'll shut up now.. :(.
 
Back
Top