Pre-initialise important variables to safe values

For variables that play a particularly important security role in your scripts, consider initialising them to their safest value before anything else uses them. For example, variables such as $loggedin should be set to false by default. Not only does this make the security stance of your script clear to other programmers who read through it, but it also protects those who run your script with register_globals enabled, where a request parameter named loggedin would otherwise supply the variable's starting value.
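The effect described above, as an added example that is not part of the original page. Current PHP no longer has register_globals, so extract() on a constructed request array stands in for it here; the function names, the account and the request values are all hypothetical.

```php
<?php
// Constructed sample data: one valid account, and a request that carries
// wrong credentials plus a "loggedin" parameter of its own.
$accounts = ['alice' => password_hash('correct horse', PASSWORD_DEFAULT)];
$forged   = ['user' => 'alice', 'pass' => 'wrong', 'loggedin' => '1'];
$genuine  = ['user' => 'alice', 'pass' => 'correct horse'];

// Hypothetical helper: true only when the credentials match an account.
function credentials_ok(array $accounts, array $request): bool
{
    $user = $request['user'] ?? '';
    $pass = $request['pass'] ?? '';
    return isset($accounts[$user]) && password_verify($pass, $accounts[$user]);
}

// Before: $loggedin is assigned only on success, so after a failed check
// it still holds whatever the request placed in scope.
function check_uninitialised(array $accounts, array $request): bool
{
    extract($request); // assumption: simulates register_globals
    if (credentials_ok($accounts, $request)) {
        $loggedin = true;
    }
    return !empty($loggedin);
}

// After: the safe default is assigned before any check, which discards
// any value the request supplied under the same name.
function check_preinitialised(array $accounts, array $request): bool
{
    extract($request); // assumption: simulates register_globals
    $loggedin = false;
    if (credentials_ok($accounts, $request)) {
        $loggedin = true;
    }
    return $loggedin;
}

// The forged request passes the first check and fails the second;
// the genuine login passes both.
var_dump(check_uninitialised($accounts, $forged));
var_dump(check_preinitialised($accounts, $forged));
var_dump(check_uninitialised($accounts, $genuine));
var_dump(check_preinitialised($accounts, $genuine));
```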

 
