-2

I want to know how to protect my website from hacker. I am a php-mysql developer. For fetching data from database i always use mysqli. For prevent my website from sql injection i always use $db->real_esacpe_string() function of php. For prevent my website from XSS(Cross site scripting) i used this function

function parsing($text)
{
global $db;
        $text=$db->real_escape_string($text);
 $text= @trim($text);
       $text= strip_tags($text);
 if(get_magic_quotes_gpc()) {
            $text= stripslashes($text);
        }
    $text=str_replace('<','',$text);
    $text=str_replace('>','',$text);   
       $text=htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
    return($text);
}
$name=parsing($_POST['name']);

Any suggestion from your side is welcomed. Thanks in advance.

Dinesh Gurjar
  • 498
  • 5
  • 17
  • i am asking all type of website hacking including SQL injection.then how it is duplicate. – Dinesh Gurjar Mar 05 '18 at 05:55
  • why my question get negative marks? my question is not duplicate of 'How can I prevent SQL injection in PHP?' I also asked any one delete my server files, insert spam, change script then why it is related to only SQL injection. – Dinesh Gurjar Apr 25 '19 at 06:02

1 Answers1

1

With all of does done i don't think a hacker can delete or access your database.

But there are also many other techniques a hacker can use in hacking your website.

Like

  1. DDOS
  2. XSS
  3. SESSION Hyjacking etc

Which there are also different ways of protecting your website against them.

JBoy
  • 144
  • 2
  • 17
  • 1
    thanks. i think do not use the cookie for sensitive information and in htaccess and web.config make the rule that anyone can't run zip, programming language etc on the server. – Dinesh Gurjar Feb 12 '18 at 06:59