Keeping your apps safe

[eluser]jmadsen[/eluser]
WanWizard just tweeted this - scary as hell:

https://github.com/search?p=3&q=extensio...ysql_query+$_GET&ref=searchresults&type=Code

Earlier today I ran across a guy retweeting a tutorial on making your own login with Codeigniter, using MD5 and no salt.

As CodeIgniter is often an entry level framework, I think it's important to keep posting security blogs & tutorials to make sure we spread the word about avoiding these bad practices. It doesn't help to do it once and forget it - we need to continually teach this.

So, this is a repost on properly validating forms I hope newer programmers will take a look at. I'd like to see other devs post whatever they may have written on this subject to keep this thread fresh and alive.

http://codebyjeff.com/blog/2012/12/web-f...n-mistakes