I'm writing my first commercial site and of course I am thinking about security. I'm worried about someone using a flaw in my PHP script logic to access information they shouldn't.
I've read the PHP books I have and Googled around but can't quite find specific answers to my questions about PHP and security. In general how does one go about hardening a PHP script. i.e. making it as "hacker-proof" as possible. General things like: - verifying user inputted data - not putting clear-text passwords in php scripts - use "safe-mode"? And specifically, what are some things one can do? Things like: - use addslashes with user data - use mysql_escape_string for data submitted to mysql Thanks, Jc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php