Essential PHP Security

by Chris Shiflett (Author) and Andi Gutmans (Foreword)

[Book Cover] Essential PHP Security

Being highly flexible in building dynamic, database-driven web applications makes the PHP programming language one of the most popular web development tools in use today. It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more web sites are developed in PHP, they become targets for malicious attackers, and developers need to prepare for the attacks.

Security is an issue that demands attention, given the growing frequency of attacks on web sites. Essential PHP Security explains the most common types of attacks and how to write code that isn't susceptible to them. By examining specific attacks and the techniques used to protect against them, you will have a deeper understanding and appreciation of the safeguards you are about to learn in this book.

In the much-needed (and highly-requested) Essential PHP Security, each chapter covers an aspect of a web application (such as form processing, database programming, session management, and authentication). Chapters describe potential attacks with examples and then explain techniques to help you prevent those attacks.

Topics covered include:

  • Preventing cross-site scripting (XSS) vulnerabilities
  • Protecting against SQL injection attacks
  • Complicating session hijacking attempts

You are in good hands with author Chris Shiflett, an internationally-recognized expert in the field of PHP security. Shiflett is also the founder and President of Brain Bulb, a PHP consultancy that offers a variety of services to clients around the world.

Reviews

Essential PHP Security
Reviewed by Nate Klaiber on April 10th, 2006 @ 10:32AM
His use of analogies and real world examples make this book a must read for a PHP beginner or professional.

Other Books by O'Reilly Media

[Book Cover] Website Optimization: Speed, Search Engine and Conversion Rate Secrets
Website Optimization: Speed, Search Engine and Conversion Rate Secrets
Remember when an optimized website was one that merely didn't take all day to appear? Times have changed. Today, website optimization can spell the difference between enterprise success and failure, and it takes a lot more know-how to achieve success. This book...
[Book Cover] JavaScript: The Good Parts
JavaScript: The Good Parts
Most programming languages contain good and bad components, but JavaScript has more than its share of the latter, as it was developed and released in a hurry, before it could be refined. This authoritative book scrapes away the most horrendous features to reveal...
[Book Cover] Subject to Change: creating great products and services for an uncertain world
Subject to Change: creating great products and services for an uncertain world
To achieve success in today's ever-changing and unpredictable markets, competitive businesses need to rethink and reframe their strategies across the board. Instead of approaching new product development from the inside out, companies have to begin by looking at...
[Book Cover] Information Architecture for the World Wide Web: Designing Large-Scale Web Sites
Information Architecture for the World Wide Web: Designing Large-Scale Web Sites
The post-Ajaxian Web 2.0 world of wikis, folksonomies, and mashups makes well-planned information architecture even more essential. How do you present large volumes of information to people who need to find what they're looking for quickly? This classic primer s...

More Books by O'Reilly Media