UKJester's "Application Security" Rant

When writing PHP applications, security is of paramount importance.

At the time of writing, the main security risks come from 2 quarters; Injection and Cross-Site Scripting. I will explain these 2 forms of attack in greater detail but they are not the only dangers you face. For loads of safety tips and a list of the top 10 current risks, see the OWASP website.

NOTE: The examples on this page use MySQL which is now deprecated and should not be used. Please use something like MySQLi or PDO and replace the code in the examples accordingly.

Never trust user data!