All Questions
20
questions
2
votes
1
answer
170
views
Prevent Column Name Collision
I have been working on a series of posts about a library to connect to databases but most of the scenarios I have to resort to some "JOIN" the problem arose when two or more tables had some ...
user152284
5
votes
1
answer
144
views
Storing and confirming user input
I am a beginner, and I'm trying to secure a sign-login system on my website. Is my code good/enough to prevent SQL injection?
THIS IS THE SIGN FILES
This is the index.php that takes user input:
...
- 173
2
votes
2
answers
360
views
Secure file upload for PDF only
I am trying to create a secure file upload using PHP 7+ where I only allow PDF files. I found a lot of posts on this topic on different websites but couldn't find a complete solution that ensures that ...
- 223
5
votes
2
answers
1k
views
Inserting users using PDO prepared statements
I made a small script to update fields in a database. I'm using PDO to connect to MySQL. All the business logic of PHP is in the top half of the file, and the form is at the bottom.
Here is the full ...
- 204
-4
votes
2
answers
630
views
Simple login page [closed]
Could anyone tell me if this code is well written and if it has bugs / vulnerabilities?
class.user.php:
...
- 133
3
votes
1
answer
252
views
Checkout process
I'm building a checkout process where I am quite frequently making SQL connections based on user input so this is quite important. I want to know if it's well-protected from any SQL injection or other ...
- 133
-2
votes
1
answer
87
views
Adding tables and values to a database
I am having problems with my code because I am using a system called styleci. Can you please check it? How can I make it better and more secure?
...
3
votes
2
answers
145
views
Inserting a name into a database table
I want to ask you if my PHP code is safe enough. I don't know if I should escape special characters in string after regex validation:
...
- 133
7
votes
2
answers
1k
views
Preventing SQL injection by converting all characters to their ASCII values
In order to prevent SQL injection, I'm converting every character of a string to be inserted in the database into its ASCII value before performing the query. In order to read the value of the string ...
- 277
2
votes
1
answer
534
views
Securing a form with image uploads
I am using PDO prepared statements to store user entered input and store that input to the database. The code will store a text input and 5 uploaded images.
Will this code protect from data SQL ...
- 153
2
votes
2
answers
156
views
Social network message board website security
I have a script that contains functions from login in to posting status to friend request send and receive. Pretty much a social network script. Anyways i think my security is not up to date so if ...
- 41
-1
votes
1
answer
129
views
Is this shopping site safe from SQL injection attacks? [closed]
Please verify security from SQL injection attacks.
homepage.php
...
4
votes
2
answers
694
views
Is there a PHP security exploit with $_POST in my code?
I posted this question here.
And an answer stated that I should not do:
$table_name = 'survey_'.$_POST['surveyid'];
because
It is easy for a hacker to ...
- 205
5
votes
1
answer
158
views
System for inputting and monitoring worker shifts
I've been building a system for inputting and monitoring shifts for casual staff, who work across multiple sites with the ability to generate accounting information.
I've had some help from Stack ...
- 193
3
votes
1
answer
202
views
