ALL
Handy PHP functions should be in your toolkit
When developing projects, there are always some common work should be accomplished, for example, encrption/decryption, get IP. As a PHP developer, you should have a list of the handy functions in your toolkit so that you can pick up in every project you work on. Here is a summary of some handy PHP functions.1. PHP encryption/decryptionEncryption/decryption can be used when storing user confidential information such as passwords. Below function uses base64 and MD5 to accomplish encryption/decryption.function encryptDecrypt($key, $string, $decrypt){ if($decrypt){ $decrypted = rtrim(m...
5,104 0 PHP SQL INJECTION FUNCTION REAL IP
Useful functions to provide secure PHP application
Security is a very important aspect of programming. There are many functions or modules in any kind of real programming language providing security functionalities In modern websites, we may often get inputs form users all around the world.There is a famous saying which says that never trust user input. So in web programming languages, we will often see functions which will guarantee the security of the data input from users. Today we will cover some of these functions in the most famous open source language - PHP.In PHP, there are few useful functions which is very handy for preve...
26,498 0 PHP SECURITY SQL INJECTION XSS AJAX
Never ever touch a programmer
This is a technical license plate block example. We don't know whether it is working or not, however, the idea is very good. When you drive through some of the junctions, the camera captures the license number and convert it into text with OCR, and then insert them into the database. Therefore, this license plate on the car becomes a SQL injection. This picture tells us -- never trust user input.Author : 陈皓 Source : http://coolshell.cn/articles/6639.html#more-6639...
46,205 0 SQL INJECTION PROGRAMMER
SQL Injection through HTTP Headers
During vulnerability assessment or penetration testing, identifying the input vectors of the target application is a primordial step. Sometimes, when dealing with Web application testing, verification routines related to SQL injection flaws discovery are restricted to the GET and POST variables as the unique inputs vectors ever. What about other HTTP header parameters? Aren’t they potential input vectors for SQL injection attacks? How can one test all these HTTP parameters and which vulnerability scanners to use in order to avoid leaving vulnerabilities undiscovered in parts of the appl...
20,877 0 SQL INJECTION CODE SECURITY HTTP HEADER