CodeIgniter Forums
Security in Codeigniter - Printable Version




Security in Codeigniter - El Forum - 10-05-2008

[eluser]Cozmika[/eluser]
Hello,

I'm learning PHP. I know a little and I decided to start with Codeigniter.
What are the best practices in security with Codeigniter when using forms/strings/some input etc.?


Security in Codeigniter - El Forum - 10-05-2008

[eluser]Pascal Kriete[/eluser]
The same practices that apply to any PHP application - or any web app, in fact.

Be paranoid about input data - clean, validate, clean again (CI has functions to help)
Be paranoid about request origins - form tokens, crossdomain.xml (if you're using flash), etc.
Store important data securely (hash passwords, avoid storing credit card data)

If you need any specifics let us know.

Welcome to Codeigniter.


Security in Codeigniter - El Forum - 10-05-2008

[eluser]manilodisan[/eluser]
Why start learning PHP with Codeigniter, which does by itself all the things you should be learning hard? Why learn 50% PHP and 50% Codeigniter when you should be learning 1100% PHP? Why use $this->db->query when you should be learning how to connect to your MySQL with your eyes closed...


Security in Codeigniter - El Forum - 10-05-2008

[eluser]Cozmika[/eluser]
Well, I know the basics of PHP and I would like to use Codeigniter to help me make apps faster and with more security. Is there some link for security in PHP?


Security in Codeigniter - El Forum - 10-05-2008

[eluser]Pascal Kriete[/eluser]
PHP Security Consortium
Presentation on the Basics
Edit: Forgot a good one:
Yahoo


Security in Codeigniter - El Forum - 10-05-2008

[eluser]Sumon[/eluser]
From my point of view, if someone has some experience in scratch coding in PHP then it's more efficient for him/her to learn CI or any framework. First, one needs to understand some basics of PHP. The basics can include a registration system where users can register themselves. Moreover, a section for the admin from where the member list should be viewed, edited or deleted.

If someone has fair experience up to this point and has a clear understanding of server-side scripting, client-side stuff (validation or so), database operations and the integration of these, then why not Code Igniter?

On top of that, you need the MVC concept to learn CI. If someone doesn't have it, there is no need to be worried, because the CI user guide has an excellent section on MVC. Just, first thing, make sure before starting that the MVC concept and working principle are clear.

Oops!! @Cozmika Welcome to Code Igniter


Security in Codeigniter - El Forum - 10-05-2008

[eluser]Cozmika[/eluser]
I know how to write very basic data input through an HTML form, displaying, editing, deleting that data... Am I ready for CI or should I learn more?

Btw... Thanks for the welcome


Security in Codeigniter - El Forum - 10-05-2008

[eluser]manilodisan[/eluser]
What about sessions, cookies, $_POST, $_GET and all that stuff... CI might confuse you on many of these... I told you my opinion...


Security in Codeigniter - El Forum - 10-05-2008

[eluser]Cozmika[/eluser]
Well, I understand $_POST, $_GET, cookies and sessions more or less...


Security in Codeigniter - El Forum - 10-05-2008

[eluser]Colin Williams[/eluser]
You can learn PHP along the way with CI. I did.