rockwood Posted June 15, 2013
injections = PDO or Mysqli with bind values or params. XSS = make your GET value as int or string, htmlspecialchars(), sprintf(), int(); is this enough, friends?
Razor42 Posted June 15, 2013
Show some example of how you would actually use them....
Guest Posted June 15, 2013
There are various exploits in bound vars; you need to set some specific options for PDO to secure it.
a_bertrand Posted June 15, 2013
There are A LOT LOT more security issues than simply SQL injections and XSS ;) So no, you are not covered with only that, rockwood. You may check: https://www.owasp.org/index.php/Category:Attack That gives a few more ideas of what can be wrong.
rockwood (Author) Posted June 16, 2013 (edited)
Thanks, it will be helpful.
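An added example, not part of any post in this thread, showing the three measures from the first post used together: integer validation of a GET value, a PDO bound parameter, and htmlspecialchars() at output. The table, the function name renderUser and the sample inputs are constructed for illustration; the thread does not say which PDO options were meant, so the MySQL comment is an assumption based on common practice.

```php
<?php
declare(strict_types=1);

// Constructed in-memory database so the example runs offline (requires pdo_sqlite).
$pdo = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
]);
// Assumption: with the MySQL driver you would also pass
// PDO::ATTR_EMULATE_PREPARES => false and put charset=utf8mb4 in the DSN,
// so the server, not PDO, binds the values.
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$insert = $pdo->prepare('INSERT INTO users (name) VALUES (:name)');
$insert->execute([':name' => 'alice']);
$insert->execute([':name' => '<script>alert(1)</script>']); // constructed hostile name

/** Hypothetical helper: HTML fragment for one user, or null if the id is invalid or unknown. */
function renderUser(PDO $pdo, string $rawId): ?string
{
    // Validate instead of casting: (int)"1 OR 1=1" silently becomes 1.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }
    // The value travels separately from the SQL text, typed as an integer.
    $stmt = $pdo->prepare('SELECT name FROM users WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch();
    if ($row === false) {
        return null;
    }
    // Encode at output time, for the HTML context, with quotes included.
    return '<p>' . htmlspecialchars($row['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</p>';
}

// Constructed stand-ins for $_GET['id'].
foreach (['1', '2', '1 OR 1=1', "1' --", '999'] as $raw) {
    var_dump(renderUser($pdo, $raw));
}
```

Bound parameters protect only values; table names, column names and ORDER BY directions cannot be bound and need an allow-list instead.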