Wednesday, November 16, 2011

Two essentials for keeping your site safe

If you store any user input on your server, or write it back to your site's pages or URLs, you may be vulnerable to hacker attacks.

If you do nothing else to promote web security, take these two measures at the very minimum:
* Encode any user input you pass into SQL calls to the database.
* Encode any text and data you dynamically write to a web page or URL.

Most major server-side coding languages contain an intrinsic HTML encoding function:
* ASP: Server.HtmlEncode()
* PHP: htmlentities()

Most major server-side coding languages also contain an intrinsic URL encoding function:
* ASP: Server.URLEncode()
* PHP: urlencode()
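
The two PHP functions listed above, applied in the context each one is meant for. This is an added example, not code from the original post; the sample input is constructed, and the `html()` and `search_link()` helpers and the `/search.php` path are hypothetical names chosen for illustration.

```php
<?php
// Constructed sample input standing in for untrusted request data.
$comment = '<script>alert(1)</script> "quoted" & \'single\'';
$search  = 'cats & dogs?page=2#top';

// HTML context: encode text written into element content or a quoted
// attribute value. ENT_QUOTES also encodes single quotes, and the
// character set is stated explicitly instead of relying on a default.
function html(string $value): string
{
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// URL context: urlencode() protects one query-string value so that
// characters such as &, ? and # cannot change the URL's structure.
// The finished URL is then HTML-encoded as well, because it is being
// written into an href attribute (two contexts, two encodings).
function search_link(string $term): string
{
    $url = '/search.php?q=' . urlencode($term); // hypothetical path
    return '<a href="' . html($url) . '">' . html($term) . '</a>';
}

echo '<p>' . html($comment) . "</p>\n";
echo search_link($search) . "\n";
```

Each function is only safe in its own context: `urlencode()` output is not a substitute for HTML encoding, and `htmlentities()` does not make a value safe to place inside a URL.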
