PHP Tutorials Security

Submitted by Easy Kiss 123 » This video tutorial will walk you through setting up a registration and login system for your web pages. You can then password protect any pages you desire on your website. The script allows a user to register, log in, log out, change their password, and retrieve a forgotten password. It also makes sure the user submits a valid email address by sending them a link to their email that they must click before the registration is completed. There is no need to know coding

Submitted by Adam » Well, before I get into details about how to prevent CSRF, lets explain what it is exactly. Cross Site Request Forgery (also known as XSRF, CSRF, and Cross Site Reference Forgery) works by exploiting the trust that a site has for the user.

Submitted by Adam » As long as there are programming languages people will try to hack them, fortunately for us this means we have to have our wits about us when writing applications. In this 2 part article we'll be discussing different ways that hackers try and break into our applications and how we go about protecting our applications from possible harm.

Submitted by Phptoys » In this tutorial I will show you how to create a captcha image to protect your form submissions.

Submitted by Web Cash » This tutorial shows you how to create an 8-character random password to send to implement into your user-management system.

Submitted by Nystic » Whenever you input data into the database, it must be sanitized. This is simply not an option. Not doing so leaves room for various exploits and attacks.

Submitted by Web Cash » This tutorial walks you through how to use the crypt() function in php. You'll encrypt a password so that it can be stored in the database, compare a new word to the encrypted password, and use an md5 hash to make sure you encrypt the entire passphrase.

Submitted by GFX-Depot » Why would I want to validate PHP_SELF? It's a server side value, so how could it be a security issue? Wrong! It can be altered by the user for XSS (Cross Side Scripting). Read on!

Submitted by Adam » We're going to be constructing an Apache-like, in fact we're going to be emulating the Apache ACL in its entirety. Although you could quite easily use Apache, this allows you to see how it's all done and even extend onto it to allow temporary bans which expire after a certain amount of time - if you were that way inclined.

Submitted by Coding City » In this tutorial you'll learn how to secure your scripts against SQL injections. Detailled explanation and good end result!