HOW TO PREVENT FORM HIJACKING IN PHP?

Awadhendra Tiwari

Total Post:510

Points:2550
Posted by  Awadhendra Tiwari
PHP 
PHP
 1846  View(s)
Ratings:
Rate this:
  1. Awadhendra Tiwari

    Post:510

    Points:2550
    How to prevent form hijacking in PHP?

    We take following steps to prevent form hijacking in php.

    1. Make register_globals to off to prevent Form Injection with malicious data.
    2. Make Error_reporting to E_ALL so that all variables will be intialized before using them.
    3. Make practice of using htmlentities(), strip_tags(), utf8_decode() and addslashes()  for filtering malicious data in php
    4. SQL injection attacks by using mysql_escape_string().
    5. User Input Sanitization-Never trust web user submitted data. Follow good clieint side data validation practices with regular expressions before submitting data to the serve.
    6. Form Submision Key Validation: A singleton method can be used to generate a Session form key & validating form being submitted for the same value against hidden form key params.

Answer

NEWSLETTER

Enter your email address here always to be updated. We promise not to spam!