419
22
coMMon fAcebook cAnvAS
vulnerAbIlIty poIntS
e Facebook API changes quickly and it is difficult to keep up with the changes.
With that in mind, here are a few implementation issues that are common to games
and requests which involve exchanging messages, transferring coordinates for games
or maps, and saving data. e ideas presented below are not API dependent or appli-
cation specific. ey are designed to address points of vulnerability that often get
overlooked.
Saving Facebook RealTime Updates via PDO
Because SQL injection is still a prevalent problem, and instances of mysql_query()
with unescaped data are still being implemented either by default or out of habit, it is
time to move over to PDO prepared statements.
Here is an example of savi ...