It's just a question.

#1
[eluser]Olivares[/eluser]
Hello Friends.

i'm a newbie with CI and i have a question, if i use CI my sites are safe from sql injection or cross side scripting?

im considering CI for a proyect but i don't know if i'm safe with just CI or i need extra validations.

#2
[eluser]wiredesignz[/eluser]
All the tools to make a secure site are available in CI, of course it's up to you to use them.

#3
[eluser]Olivares[/eluser]
thanks, for your answer. now i fell more confortable with CI.

Do you have a tip or comment to validate input user using CI tools,

Thanks again.

#4
[eluser]wiredesignz[/eluser]
Yes.

Read the user guide:
http://ellislab.com/codeigniter/user-gui...ation.html

#5
[eluser]Olivares[/eluser]
Thats cool, thank you very much. Big Grin

#6
[eluser]tobben[/eluser]
Also take a look at http://ellislab.com/codeigniter/user-gui...ecord.html

...or just take a look at the entire manual :p

#7
[eluser]ejangi[/eluser]
Yeah, CI is pretty good in terms of security, but it doesn't take long for an un-educated developer to poke holes in it. You still need to be responsible for making your own code as secure as possible.

#8
[eluser]tobben[/eluser]
I think the right attitude/behaviour for any web programmer is to have some sort of paranoid personality disorder. Big Grin

#9
[eluser]ejangi[/eluser]
Hehehe... Pretty much! Tongue


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.