
Essential PHP Security: A Guide to Building Secure Web Applications


ISBN-10: 059600656X

ISBN-13: 9780596006563

Edition: 2005

Authors: Chris Shiflett

List price: $29.95

Being highly flexible in building dynamic, database-driven web applications makes the PHP programming language one of the most popular web development tools in use today. It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more web sites are developed in PHP, they become targets for malicious attackers, and developers need to prepare for the attacks. Security is an issue that demands attention, given the growing frequency of attacks on web sites. Essential PHP Security explains the most common types of attacks and how to write code that isn't susceptible to them. By examining specific attacks and the techniques used to…

Book details

List price: $29.95
Copyright year: 2005
Publisher: O'Reilly Media, Incorporated
Publication date: 10/23/2005
Binding: Paperback
Pages: 124
Size: 6.97" wide x 9.17" long x 0.30" tall
Weight: 0.462
Language: English

Chris Shiflett, an internationally recognized expert in the field of PHP security, is the founder and President of Brain Bulb, a PHP consultancy. Chris has been developing web applications with PHP for several years and regularly speaks at OSCON, ApacheCon, and PHP users conferences in North America. He is the author of the HTTP Developer's Handbook (Sams) and writes frequently about web application security. As an open source advocate, he maintains several open source projects and is a member of the PHP development team.

Foreword
Preface
Introduction
PHP Features
Principles
Practices
Forms and URLs
Forms and Data
Semantic URL Attacks
File Upload Attacks
Cross-Site Scripting
Cross-Site Request Forgeries
Spoofed Form Submissions
Spoofed HTTP Requests
Databases and SQL
Exposed Access Credentials
SQL Injection
Exposed Data
Sessions and Cookies
Cookie Theft
Exposed Session Data
Session Fixation
Session Hijacking
Includes
Exposed Source Code
Backdoor URLs
Filename Manipulation
Code Injection
Files and Commands
Traversing the Filesystem
Remote File Risks
Command Injection
Authentication and Authorization
Brute Force Attacks
Password Sniffing
Replay Attacks
Persistent Logins
Shared Hosting
Exposed Source Code
Exposed Session Data
Session Injection
Filesystem Browsing
Safe Mode
Configuration Directives
Functions
Cryptography
Index