Board index   FAQ   Search  
Register  Login
Board index php forum :: PHP and MySQL Security PHP & MySQL Security

How well suited is a PHP-MySQL implemetation???

Security issues related to php and mysql usage. How to make your code secure? Security measures and configurations? It's all in here!

Moderators: macek, egami, gesf

How well suited is a PHP-MySQL implemetation???

Postby k4pil » Tue Jul 12, 2005 1:24 pm

Hi there.

I'm going to start a project at university so thought i'd get some advice before i do.

In the project i am to develop a content management system for the University Biology Lab(don't ask why!). The online implentation is to have high security, as well as other features such as ease of use, reliability and so on.

My question is;
:help:
How suited is Php-MySql for this??
I have created a online management system before using php-MySql, but, i did not consider safety as there was no need.

Thanks in advance!
k4pil
New php-forum User
New php-forum User
 
Posts: 42
Joined: Tue Jul 12, 2005 1:19 pm

Re: How well suited is a PHP-MySQL implemetation???

Postby WiZARD » Tue Jul 26, 2005 10:22 am

k4pil wrote:Hi there.

I'm going to start a project at university so thought i'd get some advice before i do.

In the project i am to develop a content management system for the University Biology Lab(don't ask why!). The online implentation is to have high security, as well as other features such as ease of use, reliability and so on.

My question is;
:help:
How suited is Php-MySql for this??
I have created a online management system before using php-MySql, but, i did not consider safety as there was no need.

Thanks in advance!

Hi!
I's just algorithm:
Firstly to you need exploring all what you can find in internet about php (http://www.php.net/links) about session it's can help, and MySQL tables and how operate it (I'm use MySQL Manager by EMS, try find in google)
Secondly using session you can organize somethisg like this:
1 in additional table you are store:
a: userlogin string 20
b: userpassword string 20
c: userlastvisit date 8
d: userip string 15 (optional)
e: usersession string 32 (optional)
2 create function/class what check usersession or/and userip(current).
3 include this function/class into common or somthing like file
4 done

Good luck!
User avatar
WiZARD
Moderator
Moderator
 
Posts: 1257
Joined: Thu Jun 20, 2002 10:14 pm
Location: Ukraine, Crimea, Simferopol

Postby Alexej Kubarev » Tue Jul 26, 2005 10:30 am

userpassword should be a string of 32 characters: MD5 hash.. the security in php is discussed best in http://www.phpsec.org
otherwise php and mysql give you a power to create highly secure applications
User avatar
Alexej Kubarev
Site Admin
Site Admin
 
Posts: 2223
Joined: Fri Mar 05, 2004 7:15 am
Location: Täby, Stockholms län

Postby marwa » Tue Apr 10, 2007 11:03 pm

Dear,

information above help me ...thank you very much for that

but ... if there any example of how function created...any example ...

thank you

Marwa
marwa
New php-forum User
New php-forum User
 
Posts: 3
Joined: Mon Apr 09, 2007 4:05 am

Postby Alexej Kubarev » Wed Apr 11, 2007 2:01 am

It all depends on which function u are talking about?

Creating MySQL Table is done with a CREATE TABLE Statement documentation for which is found at http://dev.mysql.com

The rest is simply some logic with PHP and requests to MySQL
User avatar
Alexej Kubarev
Site Admin
Site Admin
 
Posts: 2223
Joined: Fri Mar 05, 2004 7:15 am
Location: Täby, Stockholms län

Postby marwa » Wed Apr 11, 2007 3:03 am

Dear Alexei ,

really I create the tables ... and finish most form using PHP & MySQL ...

but I dont have any background of how to write access validation function ...

thank you very very much ...

marwa
marwa
New php-forum User
New php-forum User
 
Posts: 3
Joined: Mon Apr 09, 2007 4:05 am


Return to PHP & MySQL Security

Who is online

Users browsing this forum: No registered users and 1 guest

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.