
A list of things to secure on FM and PHP


This topic is 5906 days old. Please don't post here. Open a new topic instead.


Greetings,

About to deploy an FM and PHP seminar registration system where our staff access the DB via FileMaker and the customers make bookings via a PHP webpage.

What I've read tells me to watch out for these problems on the PHP side:

Rubbish data - I've got input validation on all of the fields, but ultimately if someone wants to submit rubbish there is little I can do about it as the validation only checks that the email address is the right format and that the fields are not empty.

Cross Site Scripting - I'll strip out all tags before allowing anything into the database

DB connection information - I'll include the connection as a separate file and put it above the web root

And these on the FileMaker side:

Accounts and privileges

Backups

So, what have I left off?

Thanks

Pete
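
The three PHP-side measures listed in the post (required fields plus email format check, tag stripping, connection file outside the web root), sketched as an added example that is not the poster's code. The field names, the directory layout and the sample input are assumptions, and the example goes one step beyond the post by also encoding values on output.

```php
<?php
// Added example: field names and the config location are hypothetical.

// Connection details sit outside the document root so the web server
// cannot serve them. Assumed layout: <site>/public/register.php (this
// script) and <site>/private/db_config.php (a file that returns an array).
function load_db_config(string $path): ?array
{
    if (!is_file($path) || !is_readable($path)) {
        return null; // fail closed; never echo the path to the client
    }
    $config = require $path;
    return is_array($config) ? $config : null;
}

// Validate one booking: required fields, tags stripped, email format checked.
function clean_booking(array $input): array
{
    $clean = [];
    $errors = [];
    foreach (['name', 'email', 'seminar'] as $field) {
        $value = $input[$field] ?? '';
        $value = is_string($value) ? trim(strip_tags($value)) : '';
        if ($value === '' || strlen($value) > 255) {
            $errors[$field] = 'missing or too long';
            continue;
        }
        if ($field === 'email' && filter_var($value, FILTER_VALIDATE_EMAIL) === false) {
            $errors[$field] = 'not a valid email address';
            continue;
        }
        $clean[$field] = $value;
    }
    return ['clean' => $clean, 'errors' => $errors];
}

// Constructed sample input standing in for $_POST.
$result = clean_booking([
    'name'    => '<b>Pat</b> Example',
    'email'   => 'pat-at-example.com',
    'seminar' => 'Intro to FileMaker',
]);

// Encode on output as well, in case a value reaches the page some other way.
foreach ($result['clean'] as $field => $value) {
    echo $field, ': ', htmlspecialchars($value, ENT_QUOTES, 'UTF-8'), PHP_EOL;
}
echo 'errors: ', json_encode($result['errors']), PHP_EOL;
$db = load_db_config(__DIR__ . '/../private/db_config.php'); // null if absent
```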
