PHP Security Holes and Solutions

xmetalxx

I have been assigned by my lecturer to do this project title about php and i'm a newbie in php. I hope you all can help me and guide me to do this project. Thanks!

Project Title:
Web Application Security Holes and Solutions

Brief Description:
This is more of a research-based project. The student is required to perform a study on security issues of web application. The student is then required to write a prototype system and be able to show the security loopholes that can exist in such a system. After that, the student needs to perform a study on how to write secure codes for web applications and be able to implement those security codes inside the prototype develop earlier. The student must then be able to show that the security codes has eliminated the security loopholes found earlier. The student must use PHP to write the prototype.

Expected Result:
1) A study on the web application security holes and their solutions.
2) A prototype system to show the vulnerabilities.
3) A prototype system with extra security coding to eliminate the vulnerabilities found earlier.

trooper

U got a lot of reading to do buddy

take a look at zend.com as well as this site

tbach2

Never, never, never, never trust user input. IMHO this is the biggest risk you will face. For some really good information, go right to php.net

planetsim

Did i read what he has to do right.

You gotta make crappy code, so when someone visits they can find a security hole. Then re-fix it.

Makes absolutely no sense to me..

Ive got one for you..

have an include like this

include($page);

Then create another file. then do this

index.php?page=your/evil/script.php

Of course remembering where you saved the file.

xmetalxx

Thanx!