Comments on: Secure PHP Programming! http://www.levoltz.com/2007/04/11/secure-php-programming/ iPhone Games, Wordpress Themes Thu, 18 Mar 2010 14:09:42 +0000 http://wordpress.org/?v=abc hourly 1 By: Matthew http://www.levoltz.com/2007/04/11/secure-php-programming/comment-page-1/#comment-6047 Matthew Tue, 28 Aug 2007 15:58:36 +0000 http://bothack.wordpress.com/2007/04/11/secure-php-programming/#comment-6047 I have login password string showing in the url string. This has a serious security implication as other users of a system can browse the history and discover the login password of the last user. I have used the POST method for the form tag but when you view the page information you see the password sticking out. So I would like to know of any means of preventing this completely or to encrypt the password. Is it also possible to disable mouse "right click" completely for the length of the session. I work with PHP and Javascript. Thanks in anticipation of your urgent help. matthew I have login password string showing in the url string. This has a serious security implication as other users of a system can browse the history and discover the login password of the last user. I have used the POST method for the form tag but when you view the page information you see the password sticking out. So I would like to know of any means of preventing this completely or to encrypt the password.

Is it also possible to disable mouse “right click” completely for the length of the session.

I work with PHP and Javascript.

Thanks in anticipation of your urgent help.

matthew

]]> By: Homayoon http://www.levoltz.com/2007/04/11/secure-php-programming/comment-page-1/#comment-6046 Homayoon Wed, 08 Aug 2007 06:27:34 +0000 http://bothack.wordpress.com/2007/04/11/secure-php-programming/#comment-6046 Hi, Good website, I love this subject. I have worked too much about web security. anybody has anyquestion please send message. Hi,
Good website, I love this subject. I have worked too much about web security.
anybody has anyquestion please send message.

]]> By: Mann http://www.levoltz.com/2007/04/11/secure-php-programming/comment-page-1/#comment-6044 Mann Sat, 28 Jul 2007 01:12:04 +0000 http://bothack.wordpress.com/2007/04/11/secure-php-programming/#comment-6044 Very informative. Thanks guys. Very informative. Thanks guys.

]]> By: spatz http://www.levoltz.com/2007/04/11/secure-php-programming/comment-page-1/#comment-6043 spatz Thu, 26 Jul 2007 21:53:05 +0000 http://bothack.wordpress.com/2007/04/11/secure-php-programming/#comment-6043 Never use $PHPSELF without checking the value. Use $_SERVER['PHPSELF'] instead OR insert this code before $PHP_SELF = htmlentities($_SERVER['PHP_SELF']); Never use $PHPSELF without checking the value.
Use $_SERVER['PHPSELF'] instead OR insert this code before

$PHP_SELF = htmlentities($_SERVER['PHP_SELF']);

]]> By: [fazed] http://www.levoltz.com/2007/04/11/secure-php-programming/comment-page-1/#comment-6045 [fazed] Thu, 05 Jul 2007 19:37:13 +0000 http://bothack.wordpress.com/2007/04/11/secure-php-programming/#comment-6045 Would Just like to point out that $PHPSELF can sometimes be over written (check the hardened php project) Would Just like to point out that $PHPSELF can sometimes
be over written (check the hardened php project)

]]>