Jump to content
View in the app

A better way to browse. Learn more.
FMForums.com

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

A list of things to secure on FM and PHP

Peter Bowen
in Security Concepts

Featured Replies

Greetings,

About to deploy a fm and php seminar registration system where our staff access the db via filemaker and the customers make bookings via a php webpage.

What I've read tells me to watch out for these problems on the php side:

Rubbish data - I've got input validation on all of the fields, but ultimately if someone wants to submit rubbish there is little I can do about it as the validation only checks that the email address is the right format and that the fields are not empty.

Cross Site Scripting - I'll strip out all tags before allowing the anything into the database

DB connection information - I'll include the connection as a separate file and put it above the web root

And these on the filemaker side:

Accounts and priveleges

Backups

So, what have I left off?

Thanks

Pete

Create an account or sign in to comment

https://fmforums.com/topic/58511-a-list-of-things-to-secure-on-fm-and-php/
Go to topic listing

Important Information

By using this site, you agree to our Terms of Use.

I accept

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.