SQL, Command Injection and Cross site scripting using PHP and MySQL
This application was built as part of Computer Security in 2015.
Professor Dr. Suradet Jitprapaikulsarn acted as consultant.
This project is a web application using the PHP language and MySQL.
At present, many projects are built without security, which makes them weak applications at risk of having information stolen. This project aims to train people to prevent attacks and information theft by understanding the fundamentals of basic attacks such as SQL injection, command injection and cross-site scripting.
Example of SQL Injection
>> Log in without a correct user
>> After the problem is resolved, it changes to a warning operation
Example of Cross site scripting
Client side >> This is a simulated search tool. When we type text into the search box, I make it echo "your text search" + "not found", but if you enter a script tag, the running code will error.
Server side >> It works on the same principle as the client side, but the input is embedded in your database. If you insert JavaScript such as alert, as in the image below, the alert shows every time the site refreshes.
resolve >> It is easy to resolve this problem: just use a library to avoid the warning operation.
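The search echo and the stored (database) case described above, each shown with output encoding applied, as an added example that is not this project's own code. The function names, the `comments` table, the sample input and the in-memory SQLite database (standing in for MySQL) are assumptions, and PHP's built-in `htmlspecialchars` is used in place of a library.

```php
<?php
// Added example: names, table and sample input are constructed for illustration.

// Form described above: the search text is echoed into the page unchanged,
// so any markup typed into the search box becomes part of the HTML document.
function search_result_unsafe(string $q): string {
    return '<p>' . $q . ' not found</p>';
}

// Encode on output so the browser treats user text as data, not markup.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function search_result_safe(string $q): string {
    return '<p>' . h($q) . ' not found</p>';
}

// Server-side (stored) case: the text is saved and shown on every refresh.
// Store the raw text through a bound parameter and encode when rendering.
function save_comment(PDO $db, string $text): void {
    $stmt = $db->prepare('INSERT INTO comments (body) VALUES (:body)');
    $stmt->execute([':body' => $text]);
}

function render_comments(PDO $db): string {
    $items = '';
    foreach ($db->query('SELECT body FROM comments ORDER BY id') as $row) {
        $items .= '<li>' . h($row['body']) . "</li>\n";
    }
    return "<ul>\n" . $items . '</ul>';
}

// Constructed demo: in-memory SQLite stands in for the project's MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT)');

$input = '<script>alert(1)</script>'; // constructed sample input
save_comment($db, $input);

echo search_result_unsafe($input), "\n"; // vulnerable rendering
echo search_result_safe($input), "\n";   // encoded rendering
echo render_comments($db), "\n";         // stored value, encoded on output
```

Encoding happens at render time, so the same stored value stays safe wherever it is displayed as HTML text.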