I am interested in allowing users to "share" information on my website, say something similar to a bulletin board concept. This is something I've never done before because I know that it could introduce security issues.
I'll likely be using ColdFusion as my scripting language. I'm also familiar with PHP, but am leaning towards CF because of its built-in RichText control. The database back-end will either be MySql or SQLServer.
And so, my question boils down to this: What are the specific security issues and how do I screen user input for them? Does the method of SQL storage have any barring (say VARCHAR vs BLOB)?
Aucun commentaire:
Enregistrer un commentaire