5.4. Safe-Handling User Input
Trust nobody, especially not the users of your web application. Users always do unexpected things, whether on purpose or by accident, and thus might find bugs or security holes in your site. In the following sections, we first show some of the major problems that may cause your site to sustain attacks. Then, we talk about some techniques to deal with the problems.
5.4.1. Common Mistakes
A certain set of mistakes are often made. If you read security-related mailing lists (such as Bugtraq, http://www.securityfocus.com/archive/1), you will notice at least a few vulnerabilities in PHP applications every week.
5.4.1.1. Global Variables
One basic mistake is not initializing global variables properly. Setting the php.ini ...
Get PHP 5 Power Programming now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
