PHP security & SQL security - How to avoid a PHP hack attack?

Discussion in 'PHP' started by rahulephp, Oct 5, 2009.

  1. #1
    Hi there,
    First of all, I want to let you know that my experience with this forum is really very good.

    I am a new PHP programmer and I have intend knowledge of PHP & MySQL.

    Some days ago, I noticed that someone had tried to hack my website using SQL injection.

    If you run a content website (no e-commerce) that uses php and a mysql database,
    • what security programming measures can you take to ensure that someone doesn't hack / deface / erase your site and its data?
    I don't think that is all the host's job.
    • what are some typical mistakes that programmers do that leave themselves to hacking?
    • what can a programmer do on the coding end?
    • how can we avoid a php hack attack?

    I think things like SQL injection are worth looking into.

    Can you please let me know about security with SQL injection?

    Expecting good help from you & Thank you in anticipation.
     
    rahulephp, Oct 5, 2009
  2. premiumscripts
    #2
    Read the sticky thread; there are lots of tips in there.
     
    premiumscripts, Oct 5, 2009
  3. almondj
    #3
    Sometimes an effective way to slow down hackers is to have more than one DB with different credentials. Always mysql_real_escape_string(YOUR_INPUT);!
     
    almondj, Oct 5, 2009
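    A worked illustration of the point in the post above, added here and not code from almondj or from the thread: the concatenated query that a SQL injection attempt exploits, beside the same lookups written as PDO prepared statements. The `articles` table, the DSN and the credentials are placeholders. Two caveats a practitioner should know: mysql_real_escape_string() belongs to the old mysql extension, which was removed in PHP 7.0, and escaping only protects a value that sits inside a quoted string literal, so a numeric comparison built by concatenation stays unprotected even after escaping. Binding parameters covers both the string and the numeric case.

    ```php
    <?php
    // Added example, not from the thread. Assumes a MySQL table
    // articles(id INT, slug VARCHAR(100), body TEXT); table name, DSN and
    // credentials are placeholders.
    declare(strict_types=1);

    // BEFORE: string concatenation. The numeric context has no quotes, so an
    // escaping function would not help here; whatever arrives in $_GET['id']
    // becomes part of the SQL text. Kept only to show the pattern to avoid.
    function articleByIdUnsafe(PDO $db, string $id): ?array
    {
        $sql = "SELECT id, slug, body FROM articles WHERE id = " . $id; // vulnerable
        $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
        return $row === false ? null : $row;
    }

    // AFTER: validate the shape, then bind. The statement text reaches the
    // server before the value does, so the value can never be parsed as SQL.
    function articleById(PDO $db, string $id): ?array
    {
        if (!ctype_digit($id)) {           // reject anything that is not a positive integer
            return null;
        }
        $stmt = $db->prepare('SELECT id, slug, body FROM articles WHERE id = :id');
        $stmt->bindValue(':id', (int) $id, PDO::PARAM_INT);
        $stmt->execute();
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        return $row === false ? null : $row;
    }

    // Same rule for a string column: bind it, do not concatenate or escape it.
    function articleBySlug(PDO $db, string $slug): ?array
    {
        $stmt = $db->prepare('SELECT id, slug, body FROM articles WHERE slug = ?');
        $stmt->execute([$slug]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        return $row === false ? null : $row;
    }

    // Connection with placeholder values. Exceptions make failed queries visible
    // instead of silently returning false; disabling emulated prepares makes PDO
    // use MySQL's server-side prepared statements.
    $db = new PDO(
        'mysql:host=localhost;dbname=example_db;charset=utf8mb4', // placeholder DSN
        'example_user',                                           // placeholder user
        'example_password',                                       // placeholder password
        [
            PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
            PDO::ATTR_EMULATE_PREPARES => false,
        ]
    );

    $article = articleById($db, (string) ($_GET['id'] ?? ''));
    if ($article === null) {
        http_response_code(404);
        exit('Not found');
    }
    // Escape on output as well: injection protection for the database does not
    // protect the browser from stored HTML.
    echo htmlspecialchars($article['body'], ENT_QUOTES, 'UTF-8');
    ```

    The same `prepare()`/`execute()` pattern applies to INSERT, UPDATE and DELETE; only the statement text changes, and user input never becomes part of it.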
  4. Mechanical
    #4
    I was away for a few weeks. So I didn't see your message. Sorry for being late to respond.

    What I was trying to say is that you keep the DB details inside a separate file and include that file inside the file which you display to the user. So users will know only about the files they see in the browser. Also use the POST method. To avoid spamming or bot activity, make use of a captcha.
     
    Mechanical, Oct 28, 2009
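    The layout described in the post above, as an added example that is not Mechanical's code or any file from the thread: the credentials live in a file one directory above the document root, the page script includes it, and the form handler accepts POST only and binds the submitted values. All paths, table names and connection values are placeholders, and the captcha verification the post mentions depends on the provider, so it is not part of this example. One caveat from a defender's view: POST keeps values out of the URL and the access log, but it is not an injection defence; a POST body must be bound exactly as a GET parameter would be.

    ```php
    <?php
    // Added example, not from the thread. Two files are shown; paths and values
    // are placeholders.
    //
    // --- /var/www/config/db.php (above the document root; the web server never
    //     serves it, and it should be readable only by the web server's user) ---
    //
    // <?php
    // return [
    //     'dsn'      => 'mysql:host=localhost;dbname=example_db;charset=utf8mb4',
    //     'user'     => 'example_user',
    //     'password' => 'example_password',
    // ];
    //
    // --- /var/www/public_html/comment.php (the only file the browser sees) ---
    declare(strict_types=1);

    // __DIR__ is the directory of this script; one level up is outside the web
    // root, so even a server misconfigured to serve raw .php files cannot expose it.
    $config = require __DIR__ . '/../config/db.php';

    $db = new PDO($config['dsn'], $config['user'], $config['password'], [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);

    // Only POST may change state. This is about method semantics and log hygiene,
    // not about trusting the body: it is validated and bound below like any input.
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        http_response_code(405);
        header('Allow: POST');
        exit;
    }

    // Validate type and size before the database sees anything.
    $articleId = filter_input(INPUT_POST, 'article_id', FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    $body = trim((string) ($_POST['body'] ?? ''));

    if ($articleId === false || $articleId === null || $body === '' || strlen($body) > 4000) {
        http_response_code(400);
        exit('Invalid input');
    }

    // Assumed table: comments(id INT AUTO_INCREMENT, article_id INT, body TEXT, created_at DATETIME).
    // Bound parameters: the values never become part of the SQL text.
    $stmt = $db->prepare(
        'INSERT INTO comments (article_id, body, created_at) VALUES (:article_id, :body, NOW())'
    );
    $stmt->bindValue(':article_id', $articleId, PDO::PARAM_INT);
    $stmt->bindValue(':body', $body, PDO::PARAM_STR);
    $stmt->execute();

    // Redirect after POST so a refresh does not resubmit; $articleId is a validated int.
    http_response_code(303);
    header('Location: /article.php?id=' . $articleId);
    exit;
    ```

    Separating the credentials from the served script protects the password from a source disclosure of the page, but it does nothing for the query itself; the prepared statement is what keeps the form input out of the SQL.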