O'Reilly logo

CMS Made Simple Development Cookbook by Samuel Goldstein

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Restricting and sanitizing parameters to a module

The internet can be a wretched hive of scum and villainy, and any well-written module takes some measures to protect itself from attack. One element in a good, layered defense involves validating the type of data being submitted to a module.

The CMS Made Simple module API has a formal process for declaring which parameters a module expects, and some limited control over their type. Using these methods can be a good first-line of defense against both SQL-injection and Cross-Site Scripting type attacks.

How to do it...

  1. Use SSH to connect to your server.
  2. Change your working directory to the modules directory of your CMS Made Simple installation directory, for example:
    cd /var/www/mysite-root/modules ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required