Safety & Security
The Security Library, which is always on by default, ensures CSRF (Cross-Site Reference Forgery) protection of Premmerce users.
Based on CodeIgniter, the Premmerce platform is resistant to Cross Site Scripting attacks. It automates the filtration of the input data, although this can also be done manually. The filter serves to search for code elements that could lead to cookie theft or other malicious actions. Detected forbidden entities are turned into safe objects. When receiving the data, the following filter function is used:
$val->set_rules('email', lang('lang_email'), 'trim|required|min_length|xss_clean|valid_email')
Premmerce’s distinctive feature is a high level of protection from database-modified requests. Requests with parameters are sent in the form of prepared expressions, this way ensuring the avoidance of any SQL-injection. Our customers are given the following advantages:
- Guaranteed protection from this type of attack
- Considerable increase in SQL request processing speed, which is applied regularly
- Web developers do not need to screen the parameters
This advantage helps web developers fight hacker attacks. It supplies all of the tools needed to work with the database the same way as with PHP objects and other classes. It gives the web developer access to the database, applying different objects which provide APIs for data processing and storage.
We also offer functional features which allow application development regardless of the peculiarities of any particular database. Request syntax is constructed with the help of the corresponding database adapter. Since the variables are screened automatically, the requests are created in a more secure way.
The unique encryption keys allow every site to have its own unique hash totals for storing important data (passwords, for example). You will be provided with a high storage rate for your data.