LESSON8-WEBSECURITY Flashcards
is a crucial aspect of web development.
Web security
Ensuring the security of web applications protects sensitive data, maintains user trust, and prevents malicious activities.
Web security
vital for protecting sensitive user data, maintaining the integrity of web applications, and preventing unauthorized access.
Web security
can lead to data theft, financial loss, legal consequences, and damage to a website’s reputation.
Security breaches
are processes used to ensure that user inputs are safe and meet expected formats.
Validation and sanitization
checks if the input meets specific criteria
Validation
filter_input(INPUT_POST, ‘email’, FILTER_VALIDATE_EMAIL);
cleans the input to remove any harmful characters.
sanitization
filter_input(INPUT_POST, ‘username’, FILTER_SANITIZE_STRING);
is a technique used by attackers to manipulate SQL queries by injecting malicious code.
SQL injection
Preventing SQL injection involves using _____ and ______.
prepared statements ; parameterized queries
$stmt = $mysqli->prepare(“SELECT * FROM users WHERE username = ? AND password = ?”);
$stmt->bind_param(“ss”, $username, $password);
$username = $_POST[‘username’];
$password = $_POST[‘password’];
$stmt->execute();
$result = $stmt->get_result();
attacks inject malicious scripts into web pages viewed by other users.
Cross-Site Scripting (XSS)
Preventing XSS involves ______ before displaying them on the page.
escaping user inputs
htmlspecialchars()
allows attackers to execute arbitrary code on a server. Preventing this involves validating and sanitizing file uploads and commands.
Remote code execution
involves stealing a user’s session ID to impersonate them.
Session hijacking
Preventing session hijacking includes ________ and using ______.
regenerating session IDs ; secure cookies
Essential for protecting data and maintaining trust.
- Importance of Security
