Creating a webpage with user accounts, what do I need to keep in mind?

php security mysqli user-accounts
DavidR picture DavidR · Jun 19, 2010 · Viewed 12.2k times · Source

I am trying to write a website that has user accounts. There isn't much sensitive information other than the password and email address. But I don't really understand what I'm doing; I'm kind of hacking it along as I go. Is there anything I should be keeping in mind with respect to security or any other important details?

Answer

Sarfraz picture Sarfraz · Jun 19, 2010

You should:

Recommended Reading:

PHP Security Guide

Related questions

PHP MySQLI Prevent SQL Injection

I've build a website that will be going live soon and just have a couple questions about preventing SQL injection, I understand how to use mysqli_real_escape_string but I'm just wondering if I have to use that on …

Read More
mysqli_query($conn, $sql) or $conn->query($sql)

I am new to web Development, I am currently not using any frameworks. Till now, I was using mysqli_query($conn, $sql) to send a query to the MySQL server. Recently I read another technique which use $conn - > …

Read More
How can I prevent SQL injection in PHP?

If user input is inserted without modification into an SQL query, then the application becomes vulnerable to SQL injection, like in the following example: $unsafe_variable = $_POST['user_input']; mysql_query("INSERT INTO `table` (`column`) VALUES ('$unsafe_variable')"); That's …

Read More