Board index   FAQ   Search  
Register  Login
Board index PHP PHP General

PHP Security Holes and Solution

General discussions related to php

Moderators: macek, egami, gesf

PHP Security Holes and Solution

Postby xmetalxx » Mon Jul 07, 2003 10:31 am

I have been assigned by my lecturer to do this project title about php and i'm a newbie in php. I hope you all can help me and guide me to do this project. Thanks!

Project Title:
Web Application Security Holes and Solutions

Brief Description:
This is more of a research-based project. The student is required to perform a study on security issues of web application. The student is then required to write a prototype system and be able to show the security loopholes that can exist in such a system. After that, the student needs to perform a study on how to write secure codes for web applications and be able to implement those security codes inside the prototype develop earlier. The student must then be able to show that the security codes has eliminated the security loopholes found earlier. The student must use PHP to write the prototype.

Expected Result:
1) A study on the web application security holes and their solutions.
2) A prototype system to show the vulnerabilities.
3) A prototype system with extra security coding to eliminate the vulnerabilities found earlier.
xmetalxx
New php-forum User
New php-forum User
 
Posts: 2
Joined: Mon Jul 07, 2003 9:29 am

Re: PHP Security Holes and Solution

Postby WiZARD » Tue Jul 08, 2003 12:01 am

as i know, all problem from bad hand's of programmer/admin......
User avatar
WiZARD
Moderator
Moderator
 
Posts: 1257
Joined: Thu Jun 20, 2002 10:14 pm
Location: Ukraine, Crimea, Simferopol

Postby swirlee » Tue Jul 08, 2003 11:44 am

I suggest Google. A few good searches like "common web security holes" or "web application security" or similar ought to produce plenty of leads. Also, most of the good PHP article/tutorial sites have a few articles about writing secure scripts. Also, since so many PHP apps are written in conjunction with MySQL, do a few searches concerning database security issues also. The words will serve you well. Again, your best tool is Google. Good luck -- it sounds like a tough project, but, at the risk of sounding petulant, since it's for a school project I think you should do a bit more of your own "guiding" rather than asking us to provide answers. But I'll leave you with two handy phrases: "register global variables" and "SQL insertion attack". Remember, Google is your friend.
User avatar
swirlee
Moderator
Moderator
 
Posts: 2272
Joined: Sat Jul 05, 2003 1:18 pm
Location: A bunk in the back

Postby xmetalxx » Wed Jul 09, 2003 4:09 am

Thanx!
xmetalxx
New php-forum User
New php-forum User
 
Posts: 2
Joined: Mon Jul 07, 2003 9:29 am

Postby frogrocker » Wed Jul 09, 2003 6:35 am

it might be also worth your time to head over to http://astalavista.box.sk to search for security problems. There's plenty there i think!
User avatar
frogrocker
New php-forum User
New php-forum User
 
Posts: 98
Joined: Mon Jul 07, 2003 10:30 pm
Location: Manchester


Return to PHP General

Who is online

Users browsing this forum: Google [Bot] and 2 guests

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.