Tagged Questions
1
vote
2 answers
245 views
Critique sanitized user email PHP Script
So, I have a basic 'contact us' form that I have built, and I do some jQuery checking first (that a phone number is only numbers, email address doesn't contain unneeded characters, etc), but I also ...
10
votes
3 answers
5k views
Basic user registration code
My first attempt at a user registration code.
Login.php defines database log in variables (e.g. Database name, Table name, etc)
...
5
votes
1 answer
182 views
Security of a “contact us” form
I have a form, which uses AJAX to send POST data to the following controller method:
...
3
votes
7 answers
5k views
PHP login cookie authentication, is it safe enough?
I have the following code to do remember-me style login:
...
11
votes
6 answers
756 views
Are there any open vulnerabilities in this mailer script?
I made a PHP mailer script that does the basic validation of fields, returns errors, else submits if all is good. But it also has a honeypot field that is not required to be filled in (I'm assuming by hiding ...
7
votes
2 answers
222 views
9
votes
1 answer
292 views
PHP form review
I saw somewhere on here that it helps reduce spam by adding a dummy input field that you hide with display: none, and like if it's filled out, then it's obviously ...
4
votes
1 answer
96 views
Login system security
Here is a login system I am working on. I just want an opinion on it and whether I am going in the right direction or am just completely missing something.
The main thing I would like to know is: am ...
4
votes
1 answer
99 views
Security: Scale and cache images
Specification
A simple PHP script resizes images on-the-fly. The script is called by the web server's 404 handler to return a scaled version of the original. For example, if the original image is at:
...
3
votes
2 answers
295 views
Is this contact form secure?
I have the following contact form, using PHP, JS and a bit of Ajax. I want to make sure that it is secure.
...
3
votes
2 answers
968 views
2
votes
1 answer
31 views
Login System Security Part 2
Old code:
Login system security
This is an update on the code and suggestions I received from generous users on the old thread.
So same rules apply, just check it out, tell me what you think. Is ...
2
votes
2 answers
127 views
Preventing email injection
I have asked a question on Stack Overflow and one of the guys actually managed to hack my contact form and inject a fake email into the $header of the PHP!
So ...
1
vote
2 answers
620 views
Secure image upload class
I am new to Code Review and PHP.
Last night I made the below image uploading class. It was the first time I made a file uploader to be used on a real site, so I thought I would share it here and on ...
1
vote
1 answer
192 views
Concept for PHP Controlled, Privileged Execution (for a cPanel knockoff on Ubuntu Server)
I was thinking of building a F/OSS project as a cPanel for Ubuntu Server, since Ubuntu doesn't have this, and yet making it easy for a hosting company to use this, where users will find it just as ...
-2
votes
1 answer
97 views