Since co-reg involves a lot of PHP scripts running on your own server that are handling user input, I was wondering if anyone ever worries about security? E.g. what would happen if someone did a SQL injection attack or put some sort of malicious code into one of your forms and crashed your server, stole your data, yadda yadda.
Does anyone use any additional code to cleanse / sanitize / secure user inputs? If so, do you mind sharing it?
Maybe you're thinking too much?
Haha, maybe. But I know as a general practice you're supposed to secure user-submitted inputs. I'm going to read up on the subject a bit and report back if I find anything good.
Why not just make it secure?
mysql_real_escape_string is one thing you should do.
I always use mysqli prepared statements instead of regular mysql in PHP. Much better protection against SQL injection:
http://mattbango.com/notebook/web-de...hp-and-mysqli/
http://forum.codecall.net/topic/4439...ed-statements/
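Added example, not part of any post in this thread: a co-reg form handler that validates the submitted fields and stores them with a mysqli prepared statement, so user input is sent as bound parameters rather than as SQL text. The `leads` table, its columns, the `DB_*` environment variables and the sample submission are assumptions made for the illustration, and it expects a reachable MySQL server.

```php
<?php
// Added example: co-reg form handler using mysqli prepared statements.
// Assumptions (not from the thread): table `leads`, its column names and the
// DB_* environment variables are hypothetical.
declare(strict_types=1);

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors

/** Validate one submission; returns clean values or throws. */
function validate_lead(array $in): array
{
    $email = filter_var(trim((string)($in['email'] ?? '')), FILTER_VALIDATE_EMAIL);
    $name  = trim((string)($in['name'] ?? ''));
    if ($email === false || strlen($email) > 254) {
        throw new InvalidArgumentException('invalid email');
    }
    if ($name === '' || strlen($name) > 100) {
        throw new InvalidArgumentException('invalid name');
    }
    return ['email' => $email, 'name' => $name];
}

/** Insert a lead; user values travel as bound parameters, never as SQL text. */
function save_lead(mysqli $db, array $lead): int
{
    $stmt = $db->prepare('INSERT INTO leads (email, name) VALUES (?, ?)');
    $stmt->bind_param('ss', $lead['email'], $lead['name']);
    $stmt->execute();
    $id = (int)$db->insert_id;
    $stmt->close();
    return $id;
}

$db = new mysqli('127.0.0.1', getenv('DB_USER') ?: 'app', getenv('DB_PASS') ?: '', getenv('DB_NAME') ?: 'coreg');
$db->set_charset('utf8mb4');
$db->query('CREATE TABLE IF NOT EXISTS leads (
    id INT AUTO_INCREMENT PRIMARY KEY, email VARCHAR(254) NOT NULL, name VARCHAR(100) NOT NULL)');

// Constructed sample input: a name field carrying SQL metacharacters.
$post = ['email' => 'pat@example.com', 'name' => "x'); DROP TABLE leads; --"];
$id = save_lead($db, validate_lead($post));

// The hostile string comes back as plain data and the table still exists.
$stmt = $db->prepare('SELECT name FROM leads WHERE id = ?');
$stmt->bind_param('i', $id);
$stmt->execute();
$stmt->bind_result($stored);
$stmt->fetch();
echo htmlspecialchars($stored, ENT_QUOTES, 'UTF-8'), PHP_EOL; // escape on output too
```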
Thanks guys, I'll look into both of these.