lunes, 7 de diciembre de 2009

PHP - Writing secure code

Use check functions on output to prevent cross site scripting attacks
No piece of user-submitted content should ever be placed as-is into HTML.

See how to handle text in a secure fashion for more details.

Use the database abstraction layer to avoid SQL injection attacks

Use the database layer correctly.


No hay comentarios: