Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses

Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses

by Chris Snyder, Thomas Myer, Michael Southwell
     
 

PHP security, just like PHP itself, has advanced. Updated for PHP 5.3, the second edition of this authoritative PHP security book covers foundational PHP security topics like SQL injection, XSS, user authentication, and secure PHP development. Chris Snyder and Tom Myer also delve into recent developments like

Overview

PHP security, just like PHP itself, has advanced. Updated for PHP 5.3, the second edition of this authoritative PHP security book covers foundational PHP security topics like SQL injection, XSS, user authentication, and secure PHP development. Chris Snyder and Tom Myer also delve into recent developments like mobile security, the impact of JavaScript, and the advantages of recent PHP hardening efforts.

Pro PHP Security, Second Edition will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. Beginners in secure programming will find a lot of material on secure PHP development, the basics of encryption, secure protocols, as well as how to reconcile the demands of server-side and web application security.

What you’ll learn
  • Secure PHP development principles
  • PHP web application security
  • User and file security
  • Mobile security
  • Encryption and secure protocols
  • Dealing with JavaScript
Who this book is for

Pro PHP Security appeals to all intermediate and advanced PHP programmers who need to keep websites safe. It also contains material of interest to all who are concerned with web application security.

Table of Contents
  1. Why Is Secure Programming a Concern?
  2. Validating and Sanitizing User Input
  3. Preventing SQL Injection
  4. Preventing Cross-Site Scripting
  5. Preventing Remote Execution
  6. Enforcing Security for Temporary Files
  7. Preventing Session Hijacking
  8. Securing REST Services
  9. Using CAPTCHAs
  10. User Authentication, Authorization, and Logging
  11. Preventing Data Loss
  12. Safe Execution of System and Remote Procedure Calls
  13. Securing Unix
  14. Securing Your Database
  15. Using Encryption
  16. Securing Network Connections: SSL and SSH
  17. Final Recommendations

Product Details

ISBN-13:
9781430233190
Publisher:
Apress
Publication date:
12/08/2010
Sold by:
Barnes & Noble
Format:
NOOK Book
Pages:
368
File size:
1 MB

Meet the Author

Chris Snyder is a software engineer at the Fund for the City of New York, where he helps develop next-generation websites and services for nonprofit organizations. He is a member of the executive board of New York PHP, and has been looking for new ways to build scriptable, linked, multimedia content since he saw his first Hypercard stack in 1988.
Michael Southwell is a retired English professor who has been developing websites for more than 10 years in the small business, non-profit, and educational areas, with special interest in problems of accessibility. He has authored and co-authored eight books and numerous articles about writing, writing and computers, and writing education. He is a member of the executive board of New York PHP, and a Zend Certified Engineer.

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >