[Wex19] Unit 5, Lessons 17, 22-24.
https://www.owasp.org/index.php/Main_Page generally, and in particular:
https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf
From a developer's viewpoint, there are several possible first steps in securing an application. One is safeguarding who uses the application, in other words the requirement of authentication: who is authorized to use the application, and who has the required permissions?
Another step is checking that whatever data the authorized user enters into the application, and ultimately into the database, are safe. This means they have been validated and sanitized before the application writes them to the database. The concern here is data security and integrity.
We shall start with the latter.