RE: What are CodeIgniter security methods?

What are CodeIgniter security methods?

dip Team Leader Asked on June 7, 2018 in CODEIGNITER.
1 Answers

A} SQL Injection Prevention:
SQL injection is an attack made on a database query. Generally we use the mysql_real_escape_string() function to prevent SQL injection. CodeIgniter provides inbuilt functions and libraries to prevent this.
We can prevent SQL injection in CodeIgniter. Here are a few ways to stop SQL injection.

Escaping Queries:

<?php
// escape() detects the data type and adds the surrounding quotes for strings
$username = $this->input->post('username');
$query = 'SELECT * FROM user_master WHERE user_name = ' .
    $this->db->escape($username);
$this->db->query($query);
?>

Query Binding:

<?php
// Each ? placeholder is replaced, in order, by an escaped value from the array
$sql = "SELECT * FROM user_master WHERE id = ? AND status = ? AND username = ?";
$this->db->query($sql, array(1, 'active', 'Aviance'));
?>

Active Record Class:

<?php
// Values passed to the query builder are escaped automatically
$this->db->get_where('user_master', array(
    'status' => 'active', 'email' => 'info@avianceschool.com'));
?>

B} Password Handling:

Numerous developers don’t realize how to deal with passwords in web applications, which is presumably why various hackers discover it so natural to break into the systems. One should remember the accompanying focuses while dealing with passwords:

  • Don’t store passwords in plain-text format.
  • Always hash your passwords.
  • Don’t use Base64 or similar encoding for storing passwords.
  • Don’t use weak or broken hashing algorithms like MD5 or SHA1. Only use strong password hashing algorithms.
  • Don’t ever display or send a password in plain-text format.
Team Leader Answered on November 20, 2018.
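
The password rules listed in the answer, as an added example that is not part of the original answer: plain PHP using the built-in password_hash(), password_verify() and password_needs_rehash(), showing how a legacy MD5 row can be upgraded at login. The in-memory $users array, the function name verify_and_upgrade and the 'scheme' field are hypothetical stand-ins for a real user table.

```php
<?php
// Constructed sample store: one legacy row (unsalted MD5) and one modern row.
// In a CodeIgniter app these rows would live in the user table.
$users = [
    'legacy_user' => ['hash' => md5('correct horse'), 'scheme' => 'md5'],
    'modern_user' => ['hash' => password_hash('s3cret-Example', PASSWORD_DEFAULT), 'scheme' => 'php'],
];

/**
 * Verify a login attempt and upgrade the stored hash when it is weak or outdated.
 * Returns true on success; $users is updated in place when a rehash happens.
 */
function verify_and_upgrade(array &$users, string $username, string $password): bool
{
    if (!isset($users[$username])) {
        return false;
    }
    $row = &$users[$username];

    if ($row['scheme'] === 'md5') {
        // Legacy check: constant-time comparison against the old digest.
        $ok = hash_equals($row['hash'], md5($password));
    } else {
        // password_verify() reads algorithm, cost and salt from the stored hash.
        $ok = password_verify($password, $row['hash']);
    }
    if (!$ok) {
        return false;
    }

    // Replace MD5 rows, and any hash whose algorithm or cost no longer
    // matches the current default, while the plain-text password is in hand.
    if ($row['scheme'] === 'md5' || password_needs_rehash($row['hash'], PASSWORD_DEFAULT)) {
        $row['hash'] = password_hash($password, PASSWORD_DEFAULT);
        $row['scheme'] = 'php';
    }
    return true;
}

// Demonstration on the constructed rows above.
var_dump(verify_and_upgrade($users, 'legacy_user', 'correct horse'));
var_dump($users['legacy_user']['scheme']);
var_dump(verify_and_upgrade($users, 'legacy_user', 'wrong password'));
var_dump(verify_and_upgrade($users, 'modern_user', 's3cret-Example'));
```

The password itself is never stored or echoed; only the salted hash produced by password_hash() is written back.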