WEEK 9–10: CodeIgniter Security Practices

To encrypt user data

To create user profiles

To verify the identity of users

To improve performance

Social Login

CAPTCHA

Multi-Factor Authentication (MFA)

Single Sign-On (SSO)

csrf_protection = false in config.php

Add CSRF token to URL

Set 'csrf_protection' => TRUE in config.php

Use session flash data

csrf_token()

form_token()

form_hidden()

csrf_input()

Speed up application loading

Manage database backups

Grant access based on user roles

Encrypt communication

Manual string concatenation

Inline SQL

Prepared statements

GET parameters

Encrypt user passwords

Prevent SQL injection

Remove cross-site scripting threats

Format database queries

Session timeout

SQL injection

File download

Email verification

Encrypt them with AES

Convert to base64

Hash them using a secure algorithm

Store them as plain text

Form Helper

Query Builder

Session Library

Validation Library