Re: Secure Coding
Parameterised queries are unique to ASP.NET.
ASP.NET has a lot of built-in protection (it even prevents HTML/script tags from being entered as a parameter by default) but PHP has none. You have to do it yourself.
I don't know any specific books but can give you guidelines. Really it's just the usual security practices.