Comments on: 7 Useful functions to tighten the security in PHP

By: Sidambara Selvan Blog » Blog Archive » 7 Useful functions to tighten the security in PHP

Mon, 20 Sep 2010 18:39:43 +0000

[...] roshanbh.com.np No Comments Read [...]

By: Kaifu Computing

Kaifu Computing — Wed, 16 Jun 2010 10:47:57 +0000

I agree with Dave Marshall – these are absolutely essential for use in any public facing PHP application.

Great blog, subscribed to your RSS feed just now!

By: ibrahim sana

ibrahim sana — Sun, 01 Nov 2009 22:13:10 +0000

nice post. thanx
The mysql_real_escape function is used for mysql database only , for other DBMS other functions is in used. For example in Postgres you can use pg_escape_string for escaping harmful characters.
please note that some php “bad features” can yield to a real security hole and not mentioned here, for example the register_globals feature.

By: CHITARANNJAN SATHUA

CHITARANNJAN SATHUA — Fri, 18 Sep 2009 09:15:41 +0000

if i will convert all the special character to html and insert in to my database
and how can i retrive data and shows as it i want

By: Nick Poulos

Nick Poulos — Sun, 21 Jun 2009 23:46:16 +0000

I know for certain types of variables (like zip code, phone, email, ssn, etc) regular expressions are preferred or even necessary in some cases. But for quick and easy validation for certain var types – what about using functions like is_numeric to check variables? For ex:

if (!is_numeric($_GET["id"]))
$errors[ ]=”You did not enter a valid id!”;
else
$id=$_GET["id"];

Any reason this would be unsafe or poses a risk?

By: Shahriat Hossain

Shahriat Hossain — Mon, 04 May 2009 05:50:58 +0000

Thanks for sharing these useful functions.

By: Tigran.su

Tigran.su — Fri, 06 Feb 2009 12:46:50 +0000

i like this article. it read it and it was very funny, but if anybody wants to be more professional, must read GOOGLE…:))))))))

By: Enlaces del 05-02-09 | evelio.info

Enlaces del 05-02-09 | evelio.info — Thu, 05 Feb 2009 07:15:56 +0000

[...] Useful functions to tighten the PHP security [...]

By: Asad Abbas

Asad Abbas — Sat, 27 Dec 2008 05:03:17 +0000

nice article … I like all the tips especially intval :p …. people just forget simple things and get caught !

By: Kit Peters

Kit Peters — Mon, 27 Oct 2008 21:34:30 +0000

I would go one further than previous commenter Jasper and recommend *against* using the mysql_* functions at all. Instead, use the PDO classes, which ship with recent versions of PHP.

By: Roshan

Roshan — Wed, 04 Jun 2008 11:12:38 +0000

Thanks SNaRe for motivation…

By: SNaRe

SNaRe — Wed, 04 Jun 2008 05:24:29 +0000

Your articles are really great. I added you to my rss list

By: salman

salman — Thu, 29 May 2008 20:50:16 +0000

wow nice post dude. thanks for this

By: links for 2008-05-27 | Mior Muhammad Zaki

links for 2008-05-27 | Mior Muhammad Zaki — Tue, 27 May 2008 12:32:30 +0000

[...] Useful functions to tighten the PHP security (tags: programming PHP Security tips) [...]

By: 7 ??????? PHP, ??????? ????? ???????? ???????????? ????? | ????????.??

7 ??????? PHP, ??????? ????? ???????? ???????????? ????? | ????????.?? — Mon, 26 May 2008 23:12:50 +0000

[...] ????????: ???? ?????? ?????????. [...]