 |
 |
 |
 |
|
|
|
Checking Data
Spencer P
Trust is everything in this day and age. You have to trust
a lot of people, from the guy who gives you directions to your
local plumber. After all, you're not always the authority. However, when
developing applications for the web, you must assume the
role of authority. Otherwise, the user will assume the role, which is a big gamble:
total data integrity, data corruption, or diversion of data -- if the
user is the authority, you don't know what the results will be.
We blame a lot of problems on "bad code". However, bad code isn't
necessarily written with malicious intent; good code can go bad through simple
misunderstandings and misuse of technologies. Three basic
steps can be taken to avoid creating bad code. The first step is
ensuring that you can trust your input. The next step is manipulating that input
data carefully. The final step is providing the appropriate people with
secure, reliable access to that data.
[ Next Page ]
| Comments: | ||
| Do you wanna buy Credit Card ? | Migawa | 12/29/04 01:54 |
| how do i hack credit cards | tosin | 11/18/04 13:43 |
| RE: Credit card hack -- will that work?? | john smith | 02/07/04 20:29 |
| A generic validation script for web forms? | Kelvin Poon | 09/19/03 11:22 |
| RE: Where to check? | Jester | 04/05/03 12:03 |
| Where to check? | Ian | 10/09/02 02:11 |
| Real Time Data | John | 10/06/02 10:27 |
| RE: What about this ? | Chris | 09/23/02 17:02 |
| What about this ? | Staffan Söderström | 09/13/02 06:37 |
| RE: Credit card hack -- will that work?? | Andy Christianson | 09/06/02 01:50 |
| RE: Credit card hack -- will that work?? | Andy Christianson | 09/03/02 16:51 |
| RE: Javascript form validation workaround | Mark Bembnowski | 08/20/02 11:54 |
| Security of $_POST[] | Jeremy Brown | 07/28/02 15:55 |
| RE: Very dangerous sql code possible | Daniel Tsadok | 07/16/02 06:24 |
| Javascript form validation workaround | Daniel Tsadok | 07/16/02 05:56 |
| Somebody has hacked my credit card | Parul Asha Singh | 07/14/02 11:11 |
| RE: When is it too much | Hari Usmayadi | 07/07/02 22:29 |
| check input | Wolfgang Hamann | 04/14/02 03:28 |
| unknown extension | Peter van Rooijen | 04/03/02 02:13 |
| excellent !! | mika | 02/02/02 09:15 |
| Un Normalised Table Into Un Normalised Data | Mehmood Ahmed Chadhar | 09/26/01 03:00 |
| RE: Credit card hack -- will that work?? | Grasso | 08/06/01 00:23 |
| RE: ...basic problem.. | Frans-Jan Wind | 07/24/01 02:38 |
| Page Caching | Unknown | 07/19/01 02:16 |
| ...basic problem.. | Van Tri | 05/04/01 08:49 |
| RE: Very dangerous sql code possible | Chris Boget | 04/04/01 13:16 |
| good solution | igor | 03/22/01 13:24 |
| RE: Credit card hack -- will that work?? | Michael McGinley | 03/13/01 11:44 |
| RE: http_refferer | Josh | 03/11/01 02:19 |
| Credit card hack -- will that work?? | Chuck Clayton | 02/15/01 11:13 |
| RE: Very dangerous sql code possible | Wojtek | 12/24/00 07:18 |
| RE: http_refferer | Michael Rowe | 11/26/00 00:46 |
| Very dangerous sql code possible | Greg MacLellan | 11/22/00 12:18 |
| Checking for bad SQL | Martijn | 11/14/00 11:05 |
| http_refferer | Adam Zochowski | 11/13/00 12:51 |
| It's array_push not push_array | John Miller | 11/10/00 15:34 |
| RE: Also need to strip HTML tags from input | spencer p | 11/10/00 11:53 |
| Also need to strip HTML tags from input | John Lim | 11/09/00 10:03 |
| RE: When is it too much | spencer p | 11/04/00 16:59 |
| RE: When is it too much | Tim Frank | 11/03/00 23:38 |
| When is it too much | CCBCREG | 11/03/00 13:35 |
| Article | Marc | 11/03/00 03:14 |
| Excellent ! | Bjorn Sodergren | 11/03/00 01:23 |
|
If you are looking for help, please post on the appropriate forum here. Your questions will be answered much more quickly. | ||