sanitize

Hello everybody

I want to ask what is a good solution for security (against cross-site scripting (XSS), SQL injection, stolen data, all these problems… etc…)

I know the topic is not so simple, it depends on how the project works…

But OK… I think doing something is better than doing nothing in the security field…

Supposing I want to start to avoid some problems with input form and the database registration…

I have seen that there are some filter_var commands that do some of the work…

This seems a good solution…

For example you can sanitize strings, emails, URLs…

And it seems you can also do some simple validation at the same time…

Here is a list of the commands from the official PHP guide that I'm speaking about

http://php.net/manual/en/filter.filters.sanitize.php

I know there are also other commands like htmlentities, strip_tags… mysql real escaping… etc…

This is a bit of a mess because you don't understand what you have to do with all these commands that apparently seem to do the same things…

(Are the filters not enough?)

You are not sure what kind of attack each command can protect you from and how they can be gotten around by some bad code…

I want to start simply by taking care of the problem in some way…

Starting with the basic solutions…

Supposing I want to start to avoid some problems with input form and the database registration...

You are off in the wrong direction. You validate the data, not sanitize it. You use PDO with prepared statements to avoid injection problems. Study this tutorial https://phpdelusions.net/pdo
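
An added example, not part of either post above, showing the approach the answer recommends for a registration form: validate the input, store it through a PDO prepared statement, and escape it only when it is displayed. The field names, the `users` table and the in-memory SQLite connection are assumptions chosen so the script runs without a database server.

```php
<?php
declare(strict_types=1);

// Constructed sample input standing in for $_POST (field names are assumptions).
$input = ['email' => 'obrien@example.com', 'name' => "O'Brien <b>test</b>"];

// Validate: accept or reject each value, never try to "repair" it.
function validateRegistration(array $in): array
{
    $errors = [];
    $email = filter_var($in['email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        $errors[] = 'email is not valid';
    }
    $name = is_string($in['name'] ?? null) ? trim($in['name']) : '';
    if ($name === '' || strlen($name) > 100) {
        $errors[] = 'name must be 1 to 100 bytes long';
    }
    return [$errors, ['email' => $email, 'name' => $name]];
}

// Assumption: in-memory SQLite so the example runs without a server.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, name TEXT)');

[$errors, $data] = validateRegistration($input);
if ($errors) {
    exit(implode(PHP_EOL, $errors) . PHP_EOL);
}

// Prepared statement: the SQL text is fixed and the values are bound as
// parameters, so the apostrophe in the name cannot change the query.
$stmt = $pdo->prepare('INSERT INTO users (email, name) VALUES (:email, :name)');
$stmt->execute(['email' => $data['email'], 'name' => $data['name']]);

// The name is stored unchanged; escape it for the context where it is shown.
$rows = $pdo->query('SELECT email, name FROM users')->fetchAll(PDO::FETCH_ASSOC);
foreach ($rows as $row) {
    echo htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8'), PHP_EOL;
}
```

Each function named in the question belongs to one of these three steps: `FILTER_VALIDATE_*` checks input, bound parameters replace manual SQL escaping, and `htmlspecialchars` or `htmlentities` is applied at HTML output time rather than before storage.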
