
security;scripts; sanitize user input

I was beefing up security at my website, and the technician mentioned
something about “sanitizing user input”.
I emailed support for my host:

[QUOTE]

Jul 18 2012 18:39
Q: Allen Harris
I purchased the dedicated IP.
Our technician said we did a good job at security, and he made the comment:

(quote)
One thing I didn’t read was ensuring that scripts (such as Perl, PHP) sanitize user input before reading/writing to the file system or making SQL requests to a database. That’s critical.
(/quote)

I don’t exactly know what that means, but there are no outside
sources which use the database.
As far as scripts, the only one I’m familiar with is Javascript and PHP.
I do not know what it means to sanitize user input.
Jul 18 2012 18:50
A: Support63
Hello,

When a form is submitted, the data from this form is passed to an executable script. It can then take that data and record it into a database or a file.

Sometimes, it is possible to craft the data entered on a form in such a way that it makes the target script execute commands that were not intended by the programmer. If this happens, the script is hacked.

Sanitizing user input refers to a way to prevent such crafted data from being used to hack a script. This is a vast topic, and if you are not familiar with it, we would recommend that you contact a web developer to check your scripts for any security problems.

Best regards,
Support

[/QUOTE]

This is the first I’ve heard about this, is there a thread or
a website so I can brush up on security for this issue?
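
The support reply quoted above describes form data crafted so that a script runs commands the programmer did not intend, and the technician's note names the two places it matters: SQL requests and file system access. The following PHP is an added example, not part of the original thread; it assumes the PDO SQLite extension is available, and the table, directory and function names are constructed for illustration.

```php
<?php
// Added example: table, directory and function names are constructed for illustration.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE members (name TEXT, email TEXT)");
$db->exec("INSERT INTO members VALUES ('alice', 'alice@example.test'), ('bob', 'bob@example.test')");

// Constructed form value: the quote ends the string literal, the rest is read as SQL.
$name = "nobody' OR '1'='1";

// Weak: the form value is pasted into the SQL text, so it can rewrite the query.
function lookupConcatenated(PDO $db, string $name): array {
    return $db->query("SELECT email FROM members WHERE name = '$name'")
              ->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened: a placeholder keeps the form value as data, never as SQL syntax.
function lookupPrepared(PDO $db, string $name): array {
    $stmt = $db->prepare("SELECT email FROM members WHERE name = ?");
    $stmt->execute([$name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// File system: accept only a plain file name that resolves inside $baseDir.
function safePath(string $baseDir, string $userFile): ?string {
    if (!preg_match('/\A[A-Za-z0-9_-]+\.txt\z/', $userFile)) {
        return null;  // allow-list: letters, digits, _ and -, ending in .txt
    }
    $base = realpath($baseDir);
    $full = realpath($baseDir . DIRECTORY_SEPARATOR . $userFile);
    if ($base === false || $full === false) {
        return null;  // directory or file does not exist
    }
    // Second check: the resolved path must still sit under the base directory.
    return strpos($full, $base . DIRECTORY_SEPARATOR) === 0 ? $full : null;
}

$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'notes_demo';
if (!is_dir($dir)) { mkdir($dir); }
file_put_contents($dir . DIRECTORY_SEPARATOR . 'welcome.txt', "hello\n");

echo "concatenated: ", count(lookupConcatenated($db, $name)), " row(s)\n";
echo "prepared:     ", count(lookupPrepared($db, $name)), " row(s)\n";
var_dump(safePath($dir, 'welcome.txt') !== null);
var_dump(safePath($dir, '../../etc/passwd'));
```

Run from the command line, the concatenated lookup matches rows the visitor never named, while the prepared lookup treats the same text as a name that does not exist; the path helper rejects anything that is not a simple file name inside the chosen directory.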

PHP

2 Comments(s)

@NogDog Jul 18.2012 — Some excellent reading without a lot of excess verbiage: [url=http://phpsecurity.org/]Essential PHP Security[/url].
@anothen (author) Jul 18.2012 — [QUOTE]Some excellent reading without a lot of excess verbiage: [url=http://phpsecurity.org/]Essential PHP Security[/url].[/QUOTE]
thx nog, I'm on it