how make sending POST safe !

hello
15 Replies
NIMA
NIMAOP3mo ago
i just php few weeks and i want know how can i make sending input value with post more safe and stronger for avoid hacker hack data base and .... i use preg_match and mysqli_real_escape_string and validte all input but i still dont know its safe or no
ἔρως
ἔρως3mo ago
we can't tell you it's impossible to answer
NIMA
NIMAOP3mo ago
🤔
ἔρως
ἔρως3mo ago
what you're asking is an unsolved problem "gives any program, tell me if it's safe" that's what you're asking
NIMA
NIMAOP3mo ago
ye i know but what is best thing for avoid it for now
ἔρως
ἔρως3mo ago
if you want a review on a piece of code, then that's different a lot of things like, an almost uncountable list of things one thing i can tell you for sure: never trust any used input seriously, without seeing some code, nobody can answer that just so you know, there are situations in which mysqli_real_escape_string is unsafe
NIMA
NIMAOP3mo ago
ohhh so this is not good for avoid sql injecshen
ἔρως
ἔρως3mo ago
i can't answer that
NIMA
NIMAOP3mo ago
is there any where u know i can read more about this stuff ?
13eck
13eck3mo ago
Simple answer: you can’t Complex answer: there’s an entire field devoted to security Mid-tier answer: there are a few things you can do to be safer
ἔρως
ἔρως3mo ago
the php documentation warns about some things to avoid, but without seeing your code, nobody can say anything for sure
13eck
13eck3mo ago
Input validation and string sanitation are two of the lower-hanging fruits. As epic said: never trust user input But really, this ☝️ If you have specific code you have questions about we can help more then generalities
ἔρως
ἔρως3mo ago
and you have to make sure that what goes out is safe, not just what goes into the database
13eck
13eck3mo ago
You can start with the OWASP Top 10 critical issues facing developers. Then move on to their cheatsheets series for more in-depth info about specific topics.
NIMA
NIMAOP3mo ago
big tnx
Want results from more Discord servers?
Add your server