- Always use SSL in environments where security is an issue.
- There are strong and weak ways to set up user passwords. See David Powers' "PHP Solutions" for a secure method. (I think it's about the last chapter.)
- Use SESSIONS to pass critical variables, not URL parameters.
- Use PHP constants, which cannot be changed as easily as variables.
Re: Basic Web Functionality - Security Question