article source Drupal手册



At each opportunity it has, the Drupal Security team tries to help share information about its processes and http://drupal.org/writing-secure- click the following article


check this out There are many times when you may want your code to "impersonate" another user. An example of this is when a user takes an action that triggers another process.


see more It seems to be a popular approach in other web applications to process/filter the user input in the name of security.


db_rewrite_sql() provides a method for modules to extend your SQL queries. This kind of functionality is especially important to modules which control access to nodes.

Session IDs

http://magnumchicago.com/?map Session support in PHP allows one to preserve data across subsequent accesses. A visitor accessing your website is assigned a unique ID, the so-called session ID.


Subscribe to RSS - Drupal手册