DoS attacks using wildcards
Posted on June 5, 2008 - Filed Under filtering input
Say, your web application processes all this data and shows it back to the user, and your code doesn’t check the number of records that have been asked for, then your application is also affected. An application level DoS. …
Read More..>>
PHP Security / SQL Security - Part 1
Posted on June 5, 2008 - Filed Under programming
Combining the above techniques to provide stripping of tags, escaping of special shell characters, entity-quoting of HTML and regular expression-based input validation, it is possible to construct secure web scripts with relatively …
Read More..>>
PHP / SQL Security - Part 2
Posted on June 5, 2008 - Filed Under security
In the previous article, I looked at processing and securing user input when it is to be redisplayed or executed as PHP code. Now it's time to consider entering that data into a database, and cover the security issues which arise when …
Read More..>>
[Privacy] Re: Tor, IP privacy?
Posted on January 1, 1970 - Filed Under Input Filtering
This is however, *both* input filtering and output filtering. You are input filtering the content that will later (presumably) be output to the user, and output filtering the SQL query. As for me, I prefer output filtering. Why? …
Read the original: [Privacy] Re: Tor, IP privacy?
Security Corner: SQL Injection
Posted on January 1, 1970 - Filed Under Input Filtering
Input Filtering. This article assumes magic_quotes_gpc is disabled. If it is enabled, you can disable it or use the fix_magic_quotes() function to repair the input. There are best practices that you should follow to prevent SQL …
Excerpt from: Security Corner: SQL Injection
Ceramic Input Capacitors Can Cause Overvoltage Transients
Posted on January 1, 1970 - Filed Under Input Filtering
When it comes to input filtering, ceramic capacitors are a great choice. They offer high ripple current rating and low ESR and ESL. Also, ceramic capacitors are not very sensitive to over voltage and can be used without derating the …
Read the rest here: Ceramic Input Capacitors Can Cause Overvoltage Transients
PHP Advent Calendar Day 13
Posted on January 1, 1970 - Filed Under Input Filtering
Because we’re a MySpace-like social network, we have to base our input filtering of certain fields on a blacklist of illegal tags, properties, and URLs instead of a whitelist of allowed tags (which is more common among many libraries). …
Credit: PHP Advent Calendar Day 13
Ed Finkler's Blog: Inspekt 0.3 now available
Posted on January 1, 1970 - Filed Under Input Filtering
I’ve uploaded the 0.3 release of Inspekt, the input filtering and validation library for PHP4 and 5. With this release, Inspekt completes the goals of the original specification for the OWASP SpoC007 project. …
See the rest here: Ed Finkler's Blog: Inspekt 0.3 now available
How to use input filtering on node type with 2 textareas
Posted on January 1, 1970 - Filed Under Input Filtering
I want to add input filtering to the textareas, but this doesn’t seem to work. No matter if I set the …
Excerpt from: How to use input filtering on node type with 2 textareas
Ed Finkler’s Blog: Inspekt 0.3 now available
Posted on January 1, 1970 - Filed Under Input Filtering
Ed Finkler has released the latest version of his Inspekt input filtering/output validation library for PHP5: I’ve uploaded the 0.3 release of Inspekt, the input filtering and validation library for PHP4 and 5. …
View original here: Ed Finkler’s Blog: Inspekt 0.3 now available