The “secure form step by step” project started after I finished the PHP security introduction document. The idea was to create a basic form security mechanism that shows, in practice, the concepts covered in that document.
I show how to build a basic form in HTML and style it with CSS. Form submission techniques are also covered. Basic PHP form processing is explained with code examples.
Validation and sanitizing
In this chapter, I explain how to do basic form testing in PHP. For example, I check whether the submit button was pressed and whether POST was used. I check whether form variables have been manipulated, etc. I run checks on the individual form fields and also prevent code execution.
Form-specific security
Form-specific security covers avoiding multiple submissions, preventing e-mail injection and checking that no robot is filling out the form.
Environment security focuses on personalizing error messages, session security (HTTP and cookies) as well as securing the Web server. The Web server security measures are based on php.ini and .htaccess modifications.
Prevent common attacks
In this chapter, you learn how to protect the form against XSS, CSRF and SQL injection.
If you want more information, you can get my PDF document for free: no e-mail required for downloading, no fancy marketing tricks. It’s just FREE! Click on the above link to start the download.