re: Security Tips for a PHP Application VIEW POST

FULL DISCUSSION
 

As an addendum, I'd add: "Learn about SQL injection." This is still the most common attack vector against a web application. Most modern frameworks will protect you from this, but you should absolutely know what it is, how it works, and how to avoid being open to it.

 

Yes ! I recommend this short but useful resource, also the same site have a good resource about PDO

 

It's so sad that it still is. I mean it's a solved problem, just use prepared statements and you are save!

 

Yes, and you can't imagine how many website are vulnerable to this kind of attack and XSS and CSRF as well.
Even if they are well known and have great mitigation techniques.
Follow secure tips like the ones described here and the OWASP documents and you are good to go.

code of conduct - report abuse