It is an essential professional approach to implement all possible necessary checks while programming webapps. If a user is inactive for certain period of time, you can log him out and clear all session data for security check. This check will build user’s trust in your development skill and he will feel secure while using […]


If you are the only owner of any website or blog and want to protect your admin directory then you can allow that admin directory for just your IP and deny from all others. Here it is how.


It is easy to upload file when the Register_Globals are set to ON in the php.ini file (php configuration file) which is not recommended in any case for security reasons. When Globals are OFF then in this case I have tried this script and it works fine. Following is the script. Create two files. one […]

{ 1 comment }

PHP is Not Secure

by Hiroshi on September 27, 2008

in Security

As a developer you must keep it in your mind that like any other programming platform PHP is also not secure. It can be hacked. Your website made in PHP can be stolen and hacked. There are softwares and exploits for attack. There are also vulnerabilities in PHP and there can be vulnerabilities in the […]


Prevent people to view your php.ini file via a browser a few lines needed to be put into the .htaccess file. Locate your .htaccess file which will be in your site’s root directory (public_html or www) Download and edit .htaccess Paste the following code into the bottom of the file and then click save:

One of my website was hacked, exploited or whatever… recently. I thank that gentle hacker who just placed some files at my server and he was just checking log files and did not damage any file or database. I really thank him. Well! I was using wordpress and I am with one of the best […]

Suppose you want to protect you email address and want to put it online in form of image or you are displaying visitors emails in form of images while they had entered simple text, then this script is very useful. Text used in this example is under variable text. Find it and replace it […]


Similar to Number & Image form validation this example takes images with digits randomly and displays these for validating form.


This example is simple php, javascript image and number form validation. You can show number or image or both. If users enters correct number displayed then he can proceed with form submission. This example is using images containing numbers and these display randomly to validate form.


This is simple form authentication by a random number generated by PHP and authenticated by javascript. It can be used for spam control.