Learn More
Resend Email
12
GMR516
7y

Never have I been so satisfied as I am right now after having implemented a login and user account system with the ability to update user preferences with databases n' shit in PHP after only knowing PHP for a day.

Speaking of all that, do you guys know of any good place to make sure all my stuff is secure? No SQL injections n' the like.

rant

php

mysql

accounts

login
Favorite
Ranter
Comments
  • 0
    7y
    if its your own server, you can use SQLMAP to identify exploits., also a good read the Hitchhikers guide.

    are you using PDO or MYSQLi_.. or dare i say MYSQL_?

    http://sqlmap.org/

    https://phpdelusions.net/sql_inject...
  • 3
    7y
    @C0D4 Thanks!

    It's hosted on Namecheap.

    Unfortunately(?) it's MySQL. You didn't sound too happy about it. XD

    Thanks for the links, I'll check them out!
  • 1
    7y
    @GMR516 mysql_ is dated (i still have some code bases using it) but that doesn't mean you can't prevent SQL injection.

    mysql_real_escape_string() will be one of your best friends, and im assuming Apache for the web server??

    you could give some of the responsibility of sqli prevention to Apache using mod_security

    https://www.modsecurity.org
  • 1
    7y
    Please, only use PDO and prepared statements. mysql is outdated and will be removed soon.
    PDO can be used with any DB, that's its speciality.
Related Rants
devRant © 2021 Hexical Labs LLC
Privacy Policy  |  Terms of Service
Add Comment