interview

home / developersection / interviews / how to prevent form hijacking in php?

Ask Question

How to prevent form hijacking in PHP?

Anonymous User 3954 13-Jun-2011
php php 
Updated on 24-Sep-2020
Anonymous User

Other

I am a content writter !

Message
Can you answer this question?
Answer

1 Answers

Anonymous User

Anonymous User

13-Jun-2011

We take following steps to prevent form hijacking in php.

1. Make register_globals to off to prevent Form Injection with malicious data.
2. Make Error_reporting to E_ALL so that all variables will be intialized before using them.
3. Make practice of using htmlentities(), strip_tags(), utf8_decode() and addslashes()  for filtering malicious data in php
4. SQL injection attacks by using mysql_escape_string().
5. User Input Sanitization-Never trust web user submitted data. Follow good clieint side data validation practices with regular expressions before submitting data to the serve.
6. Form Submision Key Validation: A singleton method can be used to generate a Session form key & validating form being submitted for the same value against hidden form key params.

advertising
advertising

Liked By

We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy