making my script secure

eyeofthestorm

i just finished writing a cms and it does everything i wanted it to do...so now the only problem is that i need to make it secure so that not just anyone can go and change the site's content. and i really have no idea how to do this...any ideas?

bradgrafelman

How do you authenticate administrative logins? How do you verify someone has logged in when they try to access the admin panel? How often do you revalidate a person (i.e. once they login... do various functions check that a certain cookie was set, or whatever your login method is?).

I guess that's where you could start.

Weedpacket

And a good time to start planning security is before writing anything.

robert_w_ark

He is talking about encrypting the source.. There are different sites.. So here's a few:

http://www.codelock.co.nz/
http://www.phpcipher.com/
http://zend.com/store/products/zend-safeguard-suite.php
http://www.sourceguardian.com/

I've never tried any of these programs, but i've heard that Zend is good.