PhP-mySQL-Lockdown
Required skills: MySQL, PHP, Web Security
I have an existing PHP-MySQL application which needs locking down. There are various web forms where a web visitor can provide the app with data.
The PHP routines which post the form data and update the MySQL server need to be secured against the usual LAMP attacks, e.g. SQL injection, etc. The application is fairly simple and reasonably well commented. A handful of routines which need to be tightened are re-used throughout the application. The app uses the Facebook authentication framework, so some of the work is already taken care of. There are around 12 user forms (of about 5 fields each) through which a user can post data to the MySQL server. The application posts mainly numeric values with a few varchar(255) variables. Some attempt at stripping out illegal/problem characters has been made, as has an attempt to stop SQL injection etc. Unfortunately the original developer has moved on to bigger and better things, and did not complete the project completely. ** Previous experience in doing this work must be demonstrated **