PHP Tutorials — Security

An upload script with extensions validation trough mime types! May come in handy next time you start a PHP project where you only want people to upload images!

Learn to sanitize input sent to your web application by recursively applying a white list to your global variables.

Build Your Own Captcha and Contact Form

Secure Your Forms with Form Keys

Creating an Advanced Password Recovery Utility

This tutorial will show you how you can easily yet effectively protect your website and database against SQL injections and to secure user inputs.

$_GET data is usually passed to the browser to indicate what page or article to load from a Website and may be used to make a query to your MySQL database. You probably already have protected your MySQL database from SQL injection attacks. Let's take an extra step to protect the valuable data your MySQL tables hold. You can prevent users from messing with URL Query Strings by validating validating $_GET data before you execute anything with it.

Anybody that codes a script that accepts user input and inserts data into a sql database must make sure the database's integrity is protected. Is your database safe from SQL injection attacks?

5 Helpful Tips for Creating Secure PHP Applications

One of my sites was recently hacked by some dildo. I was running Joomla 1.5 and they broke into the admin account with a known exploit. This video shows you how you can prevent it to start with and how to reset your admin password to get back into your site.