Tutorial Details
- Topic: CodeIgniter
- Difficulty: Moderate
- Tut Format: Video
In this fourteenth episode of the series, our subject is ‘Security.’ We will go over topics such as: password encryption, message encoding/decoding, XSS filtering, output filtering, sql injection, session security, private controller methods and more.
Catch Up
- Day 1: Getting Started With the Framework
- Day 2: Database Selecting Methods
- Day 3: Sending Emails
- Day 4: Newsletter Signup
- Day 5: CRUD
- Day 6: Login
- Day 7: Pagination
- Day 8: AJAX
- Day 9: File Uploading and Image Manipulation
- Day 10: The Calendar Library
- Day 11: File and Directory Operations
- Day 12: Shopping Cart
- Day 13: Extending the Framework
- Day 14: Security
Day 14: Security
Thanks for watching! Any questions/thoughts?
Enjoyed this Post?
Subscribe to our RSS Feed, Follow us on Twitter or simply recommend us to friends and colleagues!
By Burak Guzel
Getting Good with JavaScript
Learn how to liven up your webpages, from start to finish. Veteran Nettuts+ author Andrew Burgess helps you Get Good with JavaScript.
Join our newsletter!
UberMenu - WordPress Mega Me ... only $16.00 
RoyalSlider – Touch-Enable ... only $12.00 
Kult House - More
Web Basix
Just getting started? Start with our basix tutorials on the fundamentals. View All Basix Tutorials
Create a Tutorial, Get Paid!
Have something to teach the world? Want to earn money doing it? Tutorials, screencasts, and articles published here on Nettuts+ are largely contributed by readers just like you! We'll pay you great money for good content. Find Out More
Great tutorial! I really learned a lot. I was wondering if you could do a tutorial on creating an admin area to manage the content of a CodeIgniter application/website. I am having a hard time figuring how to create an admin area without making it a completely separate CodeIgniter project.
Hi,
Just wanna say that I really like the CodeIgniter tutorials. Please continue with this series please! I´ve been sitting lika a freak in front of the computer the last couple of days and I am on part 13/14 now.
Jeffrey,
By the way, you asked us to remind you about “Scaffolding” in a previous lesson! :)
/Niklas
Sorry for spamming, but I am a premium member of tutsplus and I still can´t download this video. I can´t play it on iTunes either, it´s only a white screen.
Hey Guys ….
Question… ???
Why is it that you guys dont do anymore tuts on codeigniter anymore ????
Is there a particular reason for that….
I really loved those tuts – and i’m sure that others does too…
What will it take for you guys, to do more on codeigniter ???
Sincerely Myung Ki
http://blip.tv/file/get/NETTUTS-CodeIgniterFromScratchSecurity696.flv
Really nice tutorial, I’ve learned a lot with all the tuts that you’ve made. Thanks a lot!
But I have a question, what is the font that you use in netbeans?
When the videos will be uploaded? I do not see any link for video download.
great tutorial, i’m realy love it.. waiting the next episode…. ci maniac
Great series, made me fall in love with codeigniter!! You guys did an awesome job
Looking forward to seeing more tuts on codeigniter, maybe a full application build for beginners that want to use code igniter, but doesn’t know how to build a 5 page website with codeigniter
Keep up the good tuts :-)
pls fix the video, it’s broken
Day 14 zip file with all the files in this video would be helpful :)
How about a tutorial on how to protect against packet sniffers/ man in the middle attack. How to use codeigniter with SSL for super secure logins etc…
I can’t believe you are recommending developers to use md5() or sha1() to store passwords. Having both without a salt is the same as doing nothing, as long as the password is not really long. That is a really bad security practice. Please either recommend developers to use HMAC-SHA256 or +, or PBKDF2.
As for DB access please recommend users to use prepared statements, not mysql_real_escape_string() crap. It’s because of advices like this that I see vulns like: $query = ‘SELECT * from user where userid=”.mysql_real_escape_string($_POST['uid']).’”‘;