
PHPBuilder.com:
PHP Filtering with OWASP
June 29, 2006 @ 06:15:37

On PHPBuilder.com today, there's a new tutorial that looks at a method to protect your PHP applications with the filters the Open Web Application Security Project provides.

OWASP (Open Web Application Security Project) released a top ten list for web application security vulnerabilities in 2003 and 2004; you can find the latest information about their Top Ten Project here.

Most of the top ten vulnerabilities, including (A1) Unvalidated Input, (A2) Broken Access Control, (A4) Cross Site Scripting (XSS) Flaws, and (A6) Injection Flaws, can be avoided by using these filters.

They walk through the installation before covering the types of filters at your disposal: paranoid, SQL, system, HTML, int/float, UTF-8, and LDAP. The check() function takes the input value and the test to apply (the function's other argument) and checks whether the value passes that test.

They also give an example of combining filters, making more secure validation even easier.


All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework