Web Site Security Checklist

I readily admit that I have a lot to learn about security issues, but I did recently come across the article “Ensure basic Web site security with this checklist” by Chad Perrin on TechRepublic. I think it will be as useful to you as it was to me.

POST vs. GET Form Submission Method

There are two different submission methods for a form, the choice being specified inside a FORM element using the METHOD attribute. The difference between METHOD="GET" (the default) and METHOD="POST" is primarily defined in terms of form data encoding: the GET method passes all form data in the URL, while the POST method passes it in the body of the request. If you look at technical …

AJAX Select Box (Other) Form Element

If you’re like me, you have certain form fields that need to allow users to add an option. For example, if you wanted to ask a user filling out a form for their university, you can’t realistically expect to have a table with all the possibilities from around the world. Instead, you can have what I call a select box other field (a.k.a. list box), …

Functions and Passing by Reference

A function can be written to accept parameters (variables) or not. A parameter name is local to a function unless you tell it otherwise by using the global statement. Thus, you can pass a parameter called $string and name the accepted parameter $string also and they won’t interfere with each other. For example

In the function above, $string outside of the function will remain “car” …

Modular Website Design

Modular design is pretty much what it sounds like – designing code modules that can be reused multiple times (i.e., on multiple pages or even multiple sites). The most obvious modules that may come to mind are the site’s header, footer and sidebar(s) but as you become more comfortable coding in this style you will quickly see many other opportunities to use modular design.

The first …

Header

If it’s not intuitively obvious to you, having a modular header, just like a modular sidebar and footer, helps by allowing you to modify your site design with one code change that will ripple through all pages. For the header in particular, there are a few things you should know about.

!DOCTYPE

First and most importantly, make sure that you have the correct (X)HTML !DOCTYPE. This should …

TITLE and META Tags

META Tags are HTML code tags inserted into the “head” area of your web pages that describe the content of a webpage and (sometimes) provide instructions to visiting search engine spiders and browsers. Essentially, META tag information is used to communicate information that a human visitor is likely not concerned with. Below I will discuss the most common and recommended META tags.

  • META Name: Abstract


Redirects

Talking about redirects could quickly become very technical and quite boring but I will limit myself to the basics – why you would want/need to use a redirect and what you need to consider once you do use a redirect.

There are many instances where you might like to use a redirect – refreshing a page, transferring from one domain to another (e.g. from mydomain.com to …

PHP Security / Preventing SQL Injection

I am not knowledgeable enough about PHP security and SQL injection to write anything useful myself. However, I recently read a good three-part series of articles by Chris Snyder and Michael Southwell (an excerpt from Pro PHP Security! by Apress) which provides a nice introduction, overview and basic tips.
