Binding: Paperback Dewey Decimal Number: 005.8 EAN: 9780596006563 Format: Illustrated ISBN: 059600656X Label: O'Reilly Media, Inc. Manufacturer: O'Reilly Media, Inc. Number Of Items: 1 Number Of Pages: 124 Publication Date: October 13, 2005 Publisher: O'Reilly Media, Inc. Sales Rank: 118753 Studio: O'Reilly Media, Inc.
Product DescriptionBeing highly flexible in building dynamic, database-driven web applications makes the PHP programming language one of the most popular web development tools in use today. It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more web sites are developed in PHP, they become targets for malicious attackers, and developers need to prepare for the attacks.
Security is an issue that demands attention, given the growing frequency of attacks on web sites. Essential PHP Security explains the most common types of attacks and how to write code that isn't susceptible to them. By examining specific attacks and the techniques used to protect against them, you will have a deeper understanding and appreciation of the safeguards you are about to learn in this book.
In the much-needed (and highly-requested) Essential PHP Security, each chapter covers an aspect of a web application (such as form processing, database programming, session management, and authentication). Chapters describe potential attacks with examples and then explain techniques to help you prevent those attacks.
You are in good hands with author Chris Shiflett, an internationally-recognized expert in the field of PHP security. Shiflett is also the founder and President of Brain Bulb, a PHP consultancy that offers a variety of services to clients around the world.
Customer Reviews
Average Rating:
Rating: - Opened my eyes!
While smaller than many O'Reilly titles the author wastes no time in helping the new PHP programmer write more secure code. Once you get the best practices in the first chapter down, the other seven chapters each deal with a specific class of vulnerability. You can read chapters 2-8 in any order, and you'll also spend some time with the appendices.
I confess, this book made me want to go back over my code and refactor it from the ground up! Chris gives really easy ways to prevent the ... Read More
Rating: - Overpriced
Of the 103 pages in the book there are probably only 13 of unique information and 90 pages of saying the same exact thing over and over again. Worse yet, I found the author had already released the 13 pages of useful information online for free.
Definitely wish I had browsed this one in a store before I blew $30.
Rating: - Alright - not very meaty though
Alright - not very meaty. Overall I'm glad I read it though, as I picked up some useful nuggets.
==========
Update 2006-12-30 - I'd like to bump this up to four stars. The book came in handy today - I used some code in it regarding session variables.
Rating: - PHP Security is a HUGE topic
This book is essential for anyone starting out in PHP, but not only for them. It offers tips for almost any skill level, maybe you know some of the ways to keep your site secure but Chris really goes in depth on some of them.
The code snippets are short, simple, but convey the point exactly as intended... and I also like Chris's method for validating tainted data, similar to a fisherman. If the fish is bad throw it back and the same goes for user input.
Rating: - VERY VERY HIGHLY RECOMMENDED!!
Are you a developer who is writing insecure PHP code? If you are, then this book is for you! Author Chris Shiflett, has done an outstanding job of writing a practical book that will help you improve your PHP application-level security.
Shiflett, begins by giving an overview of security principles and best practices. Then, the author covers form processing and attacks such as cross-site scripting and cross-site request forgeries. He continues by focusing on using databases and attacks ... Read More
- Overpriced
- Alright - not very meaty though
- PHP Security is a HUGE topic
