Home Backend Development PHP Tutorial PHP Security Common Sense Verification Data_PHP Tutorial

PHP Security Common Sense Verification Data_PHP Tutorial

Jul 15, 2016 pm 01:29 PM
php excellent use exist study Safety common sense data user verify

LearningYour users are probably pretty good, and most of them are probably using the app exactly as expected. But wherever there is an opportunity for input, there is also a high probability of very bad input. As an application developer, you must prevent your application from accepting incorrect input. Careful consideration of the location and correct value of user input will allow you to build a robust, secure application.

Listed below are general validation tips for various types of validation data:

Use values ​​from a whitelist

Always revalidate limited options

Use built-in escaping functions

Verify correct data type (e.g. number)

White-listed value is the correct value, as opposed to invalid black-listed value. The difference between the two is that typically when validating data, the list or range of possible values ​​is smaller than the list or range of invalid values, many of which may be unknown or unexpected values.

When validating data to keep PHP secure, remember that it is often easier to design and validate the values ​​your application allows than to protect against all unknown values. For example, to limit a field value to all numbers, you need to write a routine that ensures that the input is all numbers. Do not write routines that search for non-numeric values ​​and mark them as invalid when they are found.


www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/446401.htmlTechArticleYour users may be very good at learning, and most of them may use the application exactly as expected. However, as long as the opportunity for input is provided, it is very likely that there will be very...
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot Article Tags

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

PHP 8.4 Installation and Upgrade guide for Ubuntu and Debian PHP 8.4 Installation and Upgrade guide for Ubuntu and Debian Dec 24, 2024 pm 04:42 PM

PHP 8.4 Installation and Upgrade guide for Ubuntu and Debian

CakePHP Date and Time CakePHP Date and Time Sep 10, 2024 pm 05:27 PM

CakePHP Date and Time

CakePHP Project Configuration CakePHP Project Configuration Sep 10, 2024 pm 05:25 PM

CakePHP Project Configuration

CakePHP File upload CakePHP File upload Sep 10, 2024 pm 05:27 PM

CakePHP File upload

CakePHP Routing CakePHP Routing Sep 10, 2024 pm 05:25 PM

CakePHP Routing

Discuss CakePHP Discuss CakePHP Sep 10, 2024 pm 05:28 PM

Discuss CakePHP

How To Set Up Visual Studio Code (VS Code) for PHP Development How To Set Up Visual Studio Code (VS Code) for PHP Development Dec 20, 2024 am 11:31 AM

How To Set Up Visual Studio Code (VS Code) for PHP Development

CakePHP Quick Guide CakePHP Quick Guide Sep 10, 2024 pm 05:27 PM

CakePHP Quick Guide

See all articles