Application security is an ever-growing subject that always needs attention. Below we go over a number of common attacks and how to combat them.

XSS — Cross Site Scripting:

Cross Site Scripting is a way of injecting JavaScript code into your application. This can be used to read out a user's cookies and even hijack them. According to a published article by a software development company, there is a simple way for us CodeIgniter developers to defend against XSS: run all incoming data through the XSS filter, which can be done with the function call below.
$this->input->post('post_field', TRUE); // The second parameter turns the XSS Filter on

SQL Injection:

You should always be aware of SQL injection. SQL injection happens when a string submitted through a form is executed against the database. This can be a harmless operation, but what if a user enters anything' OR 'x'='x? Still look harmless? What if I put this into context:

$this->db->query("SELECT * FROM `users` WHERE `id` = 'anything' OR 'x'='x");

Because 'x'='x' is always true, this query no longer filters on the id at all, so it can be used to see a portion of your database. Depending on the query it lands in, it can also be used to do things to your database such as dropping tables or deleting rows.
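Here is an added example (not code from the original post) that shows what the input above does to the query and how a parameterised query stops it. It uses plain PHP with an in-memory SQLite database through PDO instead of CodeIgniter's database layer so it runs on its own; in CodeIgniter the same protection comes from passing the value as a binding, $this->db->query($sql, array($id)) with a ? placeholder, which is the assumption noted in the comments.

```php
<?php
// Added example, not from the original post. PDO + in-memory SQLite stands in for
// CodeIgniter's $this->db so the script runs stand-alone. The CodeIgniter equivalent
// of findUserSafe() is $this->db->query("... WHERE `id` = ?", array($id)).

function setupDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (id TEXT PRIMARY KEY, name TEXT)');
    // Constructed sample rows for the demonstration.
    $db->exec("INSERT INTO users VALUES ('1', 'alice'), ('2', 'bob'), ('3', 'carol')");
    return $db;
}

// Vulnerable: the form field is pasted straight into the SQL text, as in the post.
function findUserVulnerable(PDO $db, string $id): array {
    $sql = "SELECT * FROM `users` WHERE `id` = '" . $id . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: the value travels as a bound parameter, so the quote characters in it
// are data and never reach the SQL parser.
function findUserSafe(PDO $db, string $id): array {
    $stmt = $db->prepare('SELECT * FROM `users` WHERE `id` = ?');
    $stmt->execute([$id]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = setupDb();
$payload = "anything' OR 'x'='x";   // the input discussed in the post

// The concatenated query becomes exactly the one shown above:
// SELECT * FROM `users` WHERE `id` = 'anything' OR 'x'='x
echo "vulnerable query returned " . count(findUserVulnerable($db, $payload)) . " rows\n";
echo "parameterised query returned " . count(findUserSafe($db, $payload)) . " rows\n";
```

Run it with the pdo_sqlite extension enabled: the vulnerable function hands back the whole table, while the parameterised one returns nothing because no id equals the literal string.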

Use Strong Password Policies:

Since you should be using the Form Validation library for your forms, you should always have a strong password policy and validate it using the Form Validation library. If you are using the Authentication library then you won't need to worry about this. Be sure to make your password policy doable, though: don't force users to have 17-character passwords that they will never remember.

This is all my information and understanding; now you people tell me more about this and share your views with me.

