Please Can someone give me a tool for checking my script is 'it secure or not???
You'll be lucky, unless you're willing to pay for a bespoke tool.
Personally, I suggest submitting the code to the Code Critique forum and letting the pros (and me 😃 ) take a look at the code.
what is bespoke tool can you give me a link???
By bespoke tool, I mean that you will probably have to pay someone to create such a tool just for your site.
there isn't any readymade tool??
There probably isn't a tool that will test the security of your php scripts, no. I say probably, since I don't know the address and contents of every single page on the world wide web, so of course I couldn't be certain.
The problem with a security tool for php scripts is that you have to analyse the script (either by looking at the code or by continuously banging on the UI) then use the knowledge gained by that to attempt to make the script do something it wasn't intended to. That's too fuzzy for a program to do effiecently or effectively. That's why security professionals make upwards of 100k a year.
May wanna know the known security flaws first http://www.owasp.org/documentation/topten (this has been posted a couple of times before)
