Presentation Structure
Input Validation
Database Improvements
Toward Drupal
Preventing XSS and SQL Injection
Input Validation
General Process
Benefits
Reduces Potential of Successful Attack
  “Exploits of a Mom” XKCD.com
Helps user properly complete forms
Saves time correcting user error
Implementation
Research acceptable data for each field
  Official Specifications
  Previous Data
  Educated Guesses
Implementation
Create filtering function library
  MySQL escaping functions
  Regular expression functions
  Basic type testing functions
Test
  Sample applications
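The implementation steps above, sketched as an added example that is not code from the presentation (PHP 7.4+). The field names, the rules and the `applicants` table are assumptions, and `store()` uses mysqli bound parameters in place of the escaping functions the slides list.

```php
<?php
// Added example: field names, rules and the `applicants` table are hypothetical.

// Basic type test: integer string inside an inclusive range.
function int_in_range(string $v, int $min, int $max): bool {
    return filter_var($v, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => $min, 'max_range' => $max]]) !== false;
}

// Regular-expression test; patterns anchor with \A and \z so the whole value must match.
function matches(string $v, string $pattern): bool {
    return preg_match($pattern, $v) === 1;
}

// One allowlist rule per field, from the "research acceptable data" step.
$rules = [
    'name'  => fn(string $v) => matches($v, '/\A\p{L}[\p{L} .\'-]{0,63}\z/u'),
    'email' => fn(string $v) => filter_var($v, FILTER_VALIDATE_EMAIL) !== false,
    'zip'   => fn(string $v) => matches($v, '/\A\d{5}(-\d{4})?\z/'),
    'year'  => fn(string $v) => int_in_range($v, 1990, 2100),
];

// Returns [clean values, names of rejected fields]; missing or non-string input is rejected.
function validate(array $input, array $rules): array {
    $clean = []; $errors = [];
    foreach ($rules as $field => $test) {
        $value = $input[$field] ?? null;
        if (is_string($value) && $test(trim($value))) {
            $clean[$field] = trim($value);
        } else {
            $errors[] = $field;
        }
    }
    return [$clean, $errors];
}

// Validation is not escaping: O'Brien is a valid name, so the value is still bound as data.
function store(mysqli $db, array $c): bool {
    $stmt = $db->prepare('INSERT INTO applicants (name, email, zip, year) VALUES (?, ?, ?, ?)');
    $year = (int) $c['year'];
    $stmt->bind_param('sssi', $c['name'], $c['email'], $c['zip'], $year);
    return $stmt->execute();
}

// Constructed sample submissions: one acceptable, one using the name from the cited comic.
$good = ['name' => "Mary O'Brien", 'email' => 'mary@example.edu', 'zip' => '58202', 'year' => '2011'];
$bad  = ['name' => "Robert'); DROP TABLE Students;--", 'email' => 'nope', 'zip' => '5820', 'year' => '20x1'];
[, $e1] = validate($good, $rules);
[, $e2] = validate($bad, $rules);
echo json_encode(['good' => $e1, 'bad' => $e2]), "\n";
```

`store()` is defined but not called here because it needs a live MySQL connection; the rejected-field lists also give the form something to show the user, which is the second benefit the slides name.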
Database Improvements
Database Modifications
Cleaning out previous bad entries and deprecated tables
Creating a new database structure to simplify data storage and extraction
Working on structures to better incorporate past data and data sharing between Space Grant Programs
Toward Drupal
The Current Framework is Complex
Over 710 PHP Files
826 Images
465 Folders
2 Databases
53 Tables
Benefits of Drupal
One display system makes standards compliance simpler
Time-tried CMS means fewer errors and the benefit of many skilled developers
Skinning the website is simpler
Modular setup makes adding features much easier