PHP Tutorials Security

Submitted by drunkenfury » The internet is not safe. It never will be. We will always have trolls and spammers, but even worse: Hackers. Luckily, you can fight these as a webmaster. The most common reason how your website gets hacked, is via user input that gets displayed. I’ll show you how to avoid this with a fairly simple script.

Submitted by PHPwned » A very long tutorial on making an advanced user system with usergroups, timezones, avatars and "online now" system.

Submitted by Creative Designs » Learn how to ban ip-s from your website, forum, blog.

Submitted by Easy Kiss 123 » This video tutorial will walk you through setting up a registration and login system for your web pages. You can then password protect any pages you desire on your website. The script allows a user to register, log in, log out, change their password, and retrieve a forgotten password. It also makes sure the user submits a valid email address by sending them a link to their email that they must click before the registration is completed. There is no need to know coding

Submitted by Adam » Well, before I get into details about how to prevent CSRF, lets explain what it is exactly. Cross Site Request Forgery (also known as XSRF, CSRF, and Cross Site Reference Forgery) works by exploiting the trust that a site has for the user.

Submitted by Adam » As long as there are programming languages people will try to hack them, fortunately for us this means we have to have our wits about us when writing applications. In this 2 part article we'll be discussing different ways that hackers try and break into our applications and how we go about protecting our applications from possible harm.

Submitted by Phptoys » In this tutorial I will show you how to create a captcha image to protect your form submissions.

Submitted by Web Cash » This tutorial shows you how to create an 8-character random password to send to implement into your user-management system.

Submitted by Nystic » Whenever you input data into the database, it must be sanitized. This is simply not an option. Not doing so leaves room for various exploits and attacks.

Submitted by Web Cash » This tutorial walks you through how to use the crypt() function in php. You'll encrypt a password so that it can be stored in the database, compare a new word to the encrypted password, and use an md5 hash to make sure you encrypt the entire passphrase.