5.5. Techniques to Make Scripts “Safe”
There is only one solution to keeping your scripts running safe: Do not trust users. Although this may sound harsh, it's perfectly true. Not only might users “hack” your site, but they also do weird things by accident. It's the programmer's responsibility to make sure that these inevitable errors can't do serious damage. Thus, you need to deploy some techniques to save the user from insanity.
5.5.1. Input Validation
One essential technique to protect your web site from users is input validation, which is an impressive term that doesn't mean much at all. The term simply means that you need to check all input that comes from the user, whether the data comes from cookies, GET, or POST data.
First, turn off ...
Get PHP 5 Power Programming now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.