data-validation – Page 6 – WindowsTechs.com

What are the risks/are there techniques of using the sender’s MAC to modify a common session key for validation purposes?

Posted on January 12, 2017 by Kit Kilgour

I’m looking at group communication within a group of clients where a shared common session key has already been pre-established for ciphering purposes.
In order to enable validation of the sender, I’m considering modifyin… Continue reading What are the risks/are there techniques of using the sender’s MAC to modify a common session key for validation purposes?→

Is it legal/ethical to release commercial software with known security flaws

Posted on January 10, 2017 by anon

I am not a security professional. About 2.5 months ago I discovered systemic vulnerabilities in my employer’s software with the potential for financial damage to customers if exploited.

A logged in user’s ability to access … Continue reading Is it legal/ethical to release commercial software with known security flaws→

Which is the best way to sanitize user input in PHP?

Posted on September 16, 2013 by user2615947

What is the best way to sanitize user input?

These are things I do when users submit data:

substr if over limited values found.
htmlspecialchars() + ent_quotes + UTF-8
str_replace ‘<‘ ‘>’ users input

What more things need to be done?

Continue reading Which is the best way to sanitize user input in PHP?→

Which is the best way to sanitize user input in PHP?

Posted on September 16, 2013 by user2615947

These are things I do when users submit data:

substr if extra characters found.
htmlspecialchars() + ENT_QUOTES + UTF-8
str_replace ‘<‘ ‘>’ in user input

What more things need to be done?

Continue reading Which is the best way to sanitize user input in PHP?→