www.webdeveloper.com

Thread: many websites hacked by url and forms.. any idea

  1. #1
    Join Date
    Sep 2008
    Posts
    206

    many websites hacked by url and forms.. any idea

    Please, I want to know how to stop hackers from hacking my website using forms, because I have had many websites hacked this week.


    I wrote only this in the post:

    PHP Code:
    $name = htmlspecialchars($value, ENT_QUOTES);

    Notice that I made validation using JavaScript for my form,
    but hackers can make SQL statements to delete my DB or do any type of hacking.

    Also, I have attached my htaccess to avoid MySQL writing. Please find the attached htaccess.txt.



    But the problem still exists: I can write some queries from any form.
    How do I stop hackers or keep them from hacking my website?

    Any idea?

  2. #2
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,528
    JavaScript validation is client-side, so it is easily bypassed by a hacker.

    htmlspecialchars() is for escaping output to the browser -- it serves virtually no purpose for sanitizing data to be used in database queries. For that you need either to use the appropriate escaping function for the database extension being used, or to make use of prepared statements with bound parameters for those DB extensions that support it.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us
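
The difference described in reply #2, as an added example that is not part of the original thread or any poster's code: the same form value is passed through htmlspecialchars() and concatenated into a query, then sent through a prepared statement with a bound parameter. It assumes PHP with the pdo_sqlite driver; the `users` table and the input value are constructed for the illustration.

```php
<?php
// In-memory SQLite so the example runs offline (assumption: pdo_sqlite is enabled).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");

// Constructed form input for a field that is supposed to hold a numeric id.
$value = '0 OR 1=1';

// htmlspecialchars() only rewrites & < > " ' for HTML output.
// None of those characters occur here, so the value comes back unchanged.
$escaped = htmlspecialchars($value, ENT_QUOTES);
echo 'unchanged by htmlspecialchars: ', var_export($escaped === $value, true), "\n";

// Before: the value becomes part of the SQL text and is parsed as SQL,
// so the WHERE clause is true for every row in the table.
$rows = $pdo->query("SELECT name FROM users WHERE id = $escaped")
            ->fetchAll(PDO::FETCH_COLUMN);
echo 'concatenated query matched rows: ', count($rows), "\n";

// After: the SQL text is fixed and the value travels separately as data.
// It is compared to id as one literal value and matches no row.
$stmt = $pdo->prepare('SELECT name FROM users WHERE id = :id');
$stmt->execute([':id' => $value]);
$rows = $stmt->fetchAll(PDO::FETCH_COLUMN);
echo 'prepared statement matched rows: ', count($rows), "\n";

// Server-side validation repeats what the JavaScript check did in the browser;
// only this copy is enforced, because the client-side one can be skipped.
$id = filter_var($value, FILTER_VALIDATE_INT);
if ($id === false) {
    echo "rejected: id is not an integer\n";
} else {
    $stmt->execute([':id' => $id]);
    echo 'valid id matched rows: ', count($stmt->fetchAll(PDO::FETCH_COLUMN)), "\n";
}
```

htmlspecialchars() still belongs at the point where stored values are written back into an HTML page.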

  3. #3
    Join Date
    Sep 2013
    Posts
    221
    Try out this one:

    Using HTTPS encrypts the cookies sent, including your session cookie. This is very secure. If your site is still accessible via HTTP, they can still hack at your network security by sending false session cookies, but you're much safer because hackers wouldn't be able to easily get hold of a session ID while you're using HTTPS. The other way to stop hackers is simply to add a captcha.

    Hope this helps.
