Reconsidering PHP variables

Php helps you to quickly build big applications and many times, its easy to neglect the security matter. Its easy to believe that security breaches could not happen to your software. But what if it does happen? For this reason, security in your applications should be kept in consideration from the beginning.

TABLE OF CONTENTS:

By: Iulian Turnea

Poor Best

Rating:

/ 45

January 10, 2005

print this article

SEARCH DEV SHED

TOOLS YOU CAN USE

I have read in the past many scary things about PHP variables. Words like: be aware, take care or look again are still in my mind. And slowly, I have realized that it would be prudent to follow some steps when using PHP variables. I have tested many secure implementations and found no performance decrease when being processed by the PHP engine.

Here is a short list of things you can do to better protect the security of your applications:

Check the number of POST, GET and COOKIE variables handled by your applications.
Check if the variable content is of appropriate type.
Using REQUEST METHOD and REFERRER.
Check the variable content length.
Check a 'secret key' inside one variable.

Next: Counting your cookies? >>



	>>> More PHP Articles >>> More By Iulian Turnea

blog comments powered by Disqus

PHP ARTICLES

- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...
- PHP: Building Concrete Validators
- Sanitizing Input with PHP
- Executing Shell Commands with PHP
- Handling File Data with PHP
- File Security and Resources with PHP
- ArrayObject PHP Class Examples
- ArrayObject PHP Class: An Introduction
- Getting File System Data with PHP
- PHP Tools for Working with the File and Oper...
- Working with the File and Operating System w...
- PHP Proxy Patterns: Completing a Blog

Find More PHP Articles

DevShed

PHP Tutorials

Reconsidering PHP variables

See Also:

Dev Shed Tutorial Topics: