Conversation
Notices
-
ignurante (ignurante)'s status on Wednesday, 31-Dec-2014 19:14:36 CET ignurante Over 78% of All #PHP Installs Are Insecure - http://ur1.ca/ja1gi #Infosec #FLOSS #OpenSource - Roland Häder likes this.
-
Roland Häder (roland)'s status on Friday, 09-Jan-2015 11:30:01 CET Roland Häder @ignurante It is because of they don't secure input data from $_GET, $_POST and so on which then can be easily inserted into SQL strings causing #SQL-injection or in include commands #remote-inclusion. I use full paths, sprintf() and mysql_real_escape_string() (I know, the MySQL extension is out-dated) to combat those attacks. Plus in addition I use my enhanced edition of #ctracker: https://git.mxchange.org/?p=ctracker.git;a=summary git://git.mxchange.org/ctracker.git