MyBB Community Forums

Full Version: How to secure my plugin
Hi there. Can you please tell me how I can protect my MyBB Dating plugin from SQL injection, URL injection, XSS attacks and search form attacks, since the plugin system is not protected by MyBB core security?
$db->escape_string for every string you're going to let users add to your MySQL query,
intval for every integer (returns 0 if not an int),
htmlspecialchars for everything users have put in.

It's pretty simple as that when you come down to it.
Casting is, however, preferred in terms of performance.
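
The three rules from the replies above in one script, as an added example that is not part of the original thread or of MyBB's code. `DemoDb`, the `dating_profiles` table and the input values are hypothetical stand-ins so the script runs without MyBB; inside a plugin, call the real `$db->escape_string()` on the global `$db` object.

```php
<?php
// Hypothetical stand-in for MyBB's $db object, so this runs offline.
final class DemoDb
{
    public function escape_string(string $s): string
    {
        // Demo only: addslashes() is NOT a substitute for the driver's escaping.
        return addslashes($s);
    }
}

function build_search_query(DemoDb $db, array $input): string
{
    // Integer rule: cast. Only leading digits survive; anything else becomes 0.
    $minAge = (int) ($input['age'] ?? 0);

    // String rule: escape AND keep the value inside quotes in the query.
    // Escaping only neutralises quote characters, so it protects nothing
    // when the value is placed in a numeric (unquoted) position.
    $city = $db->escape_string((string) ($input['city'] ?? ''));

    // 'dating_profiles' is a hypothetical table name.
    return "SELECT uid, username FROM dating_profiles "
         . "WHERE age >= {$minAge} AND city = '{$city}'";
}

function render_username(string $username): string
{
    // Output rule: encode when writing into HTML, covering both quote styles
    // so the value is also safe inside an attribute.
    return '<li>' . htmlspecialchars($username, ENT_QUOTES, 'UTF-8') . '</li>';
}

// Constructed sample input, as it might arrive from a search form.
$input = ['age' => '18 OR 1=1', 'city' => "Oslo' OR '1'='1"];
$db = new DemoDb();

// Both values handled by the rule that matches their type.
echo build_search_query($db, $input), PHP_EOL;

// What goes wrong if the integer is only escaped: the string has no quotes
// to escape, so it reaches the query unchanged.
echo 'age >= ' . $db->escape_string($input['age']), PHP_EOL;

// Constructed profile name containing markup and both quote styles.
echo render_username('Ann <b title="x">\'admin\'</b>'), PHP_EOL;
```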