I am fortunate to be working with a team full of really talented PHP Coders on a fairly large project and they have passed on a lot of new information and shared some great tricks with me.
Use mysql_real_escape_string to escape 'evil characters' and prevent SQL Injection Attacks:
http://us.php.net/manual/en/function.mysql-real-escape-string.php
Or you can use ADOdb's Quote Function:
http://phplens.com/lens/adodb/docs-adodb.htm#quote
Or one of the classes on this site:
http://www.google.com/custom?domains=www.phpclasses.org&q=escape+string&sa=Search&sitesearch=www.phpclasses.org&client=pub-2951707118576741&forid=1&channel=5742870948&ie=ISO-8859-1&oe=ISO-8859-1&cof=GALT%3A%23663399%3BGL%3A1%3BDIV%3A%23222222%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AA3C5CC%3BLBGC%3AA3C5CC%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BLH%3A50%3BLW%3A256%3BL%3Ahttp%3A%2F%2Ffiles.phpclasses.org%2Fgraphics%2Fgooglesearch.jpg%3BS%3Ahttp%3A%2F%2Fwww.phpclasses.org%2Fsearch.html%3BFORID%3A1%3B&hl=en
For extra safety on user data in a session, encrypt and decrypt it:
http://www.google.com/custom?domains=www.phpclasses.org&q=encryption&sa=Search&sitesearch=www.phpclasses.org&client=pub-2951707118576741&forid=1&channel=5742870948&ie=ISO-8859-1&oe=ISO-8859-1&cof=GALT%3A%23663399%3BGL%3A1%3BDIV%3A%23222222%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AA3C5CC%3BLBGC%3AA3C5CC%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BLH%3A50%3BLW%3A256%3BL%3Ahttp%3A%2F%2Ffiles.phpclasses.org%2Fgraphics%2Fgooglesearch.jpg%3BS%3Ahttp%3A%2F%2Fwww.phpclasses.org%2Fsearch.html%3BFORID%3A1%3B&hl=en
We have had good luck with the PHPFreaksCrypto.class:
http://www.phpfreaks.com/tutorials/128/1.php
ML et al, PHPClasses.org continues to be a valuable resource! Keep up the great work.
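The escaping tip above, as an added example that is not part of the original post: it shows that an escaped value is only safe inside a quoted SQL string, and how an integer cast or a bound parameter covers the numeric case. As an assumption so the script runs without a MySQL server, PDO with in-memory SQLite and `PDO::quote()` stand in for `mysql_real_escape_string()` (the `mysql_*` extension was removed in PHP 7.0); the table, inputs and the helpers `escapeOnly` and `countRows` are constructed for illustration.

```php
<?php
// Added example, not from the original post. PDO + in-memory SQLite stands in
// for a MySQL connection (assumption) so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)");
$db->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('O''Brien')");

// Hypothetical helper: escape without the surrounding quotes, which is the
// shape mysql_real_escape_string() returns. PDO::quote() adds quotes, so
// they are stripped here.
function escapeOnly(PDO $db, string $value): string
{
    return substr($db->quote($value), 1, -1);
}

// Hypothetical helper: run a query and count the rows it returns.
function countRows(PDO $db, string $sql): int
{
    return count($db->query($sql)->fetchAll(PDO::FETCH_ASSOC));
}

// Constructed request values.
$name = "O'Brien";
$id   = "1 OR 1=1";

// Case 1: escaped value placed inside quotes. The embedded quote is
// neutralised and the value is compared as data.
$quoted = "SELECT * FROM users WHERE name = '" . escapeOnly($db, $name) . "'";

// Case 2: escaped value placed in an unquoted numeric position. The input has
// no quote characters, so escaping leaves it unchanged and the OR clause is
// parsed as SQL.
$unquoted = "SELECT * FROM users WHERE id = " . escapeOnly($db, $id);

// Case 3: numeric input forced to an integer before it reaches the query.
$cast = "SELECT * FROM users WHERE id = " . (int) $id;

// Case 4: bound parameter. The value never becomes part of the SQL text.
$stmt = $db->prepare("SELECT * FROM users WHERE id = ?");
$stmt->execute([$id]);
$bound = count($stmt->fetchAll(PDO::FETCH_ASSOC));

printf("quoted + escaped:   %d row(s)\n", countRows($db, $quoted));
printf("unquoted + escaped: %d row(s)\n", countRows($db, $unquoted));
printf("integer cast:       %d row(s)\n", countRows($db, $cast));
printf("bound parameter:    %d row(s)\n", $bound);
```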