Fixing XSS Through SVG File Uploads PHP

The attack works by embedding JavaScript code inside an SVG file and then uploading it to a website that accepts SVG files and does not sanitize their content.

This is how a ton of websites fail and are directly exposed to this XSS vulnerability.

You have two choices:

  • Do not allow users to upload SVG files
  • Allow users to upload SVG files, but use an SVG cleaner on upload


How to use PHP Caching with MySQL Queries to improve performance

I’m going to show you an easy and efficient way of using PHP Caching to help reduce the database calls and improve the performance of your PHP script.

Instead of writing our own caching script and wasting time, we’re going to use the phpFastCache library to help us with our caching needs.

The caching method I’m going to present is file-based and is aimed towards MySQL query results caching.
