Friday, July 31, 2009

zend php 5 certification : filtering input

We should not trust any input from any source.The source could be a user, url or database value, any thing. Every input data must be filtered. unfiltered data makes your system vulnerable to attacks. php offers many input filtering functions. Let's a mock zend php 5 certification question regarding this.


Question : What is the best way to ensure the distinction between filtered / trusted and unfiltered / untrusted data?

Answer:

1. None of the above
2. Never trust any data from the user
3. Enable built-in security features such as magic_quotes_gpc and safe_mode
4. Always filter all incoming data
5. Use PHP 5's tainted mode
See the book OpenCart 1.4 Template Design Cookbook.
See the book Joomla Mobile Development Beginners Guide




List of my works:

Opencart Extensions:

  1. Product Based Quantity Wise Shipping: Find it here.
  2. OpenSSLCOMMERZ: integrate SSLCOMMERZ with opencart: Find it here.
  3. Fine Search v.1.0 - Improves Opencart search feature to find relevant: Find it here.
  4. Opensweetcaptcha - An easy way to generate attractive captcha for your system!: Find it here.
  5. Custom Field Product - add unlimited custom fields to the product form: Find it here.
  6. Formcaptcha - add captcha on the register page: Find it here.

My Books:

  1. OpenCart 1.4 Template Design Cookbook.
  2. Joomla Mobile Development Beginners Guide

No comments: