Simon Willison’s Weblog

Subscribe

Items tagged security in Aug, 2010

Filters: Year: 2010 × Month: Aug × security × Sorted by date


In what circumstances should one use “magic quotes” in PHP?

Absolutely never. Magic quotes was a badly designed feature, and PHP has been trying to escape its legacy for years. If you are constructing SQL strings using string concatenation you’re asking for trouble—use prepared statements or a library that interpolates and correctly escapes variables for you.

[... 65 words]

3:05 pm / 25th August 2010 / php, security, webdevelopment, quora

Why do some people disable JavaScript in their browser?

For security reasons.

[... 159 words]

1:37 pm / 25th August 2010 / csrf, javascript, privacy, security, xss, quora

Types

Years

Months

Tags