Skip to main content
SpringerLink
Log in
Apress
Book cover

Pro PHP Security

From Application Security Principles to the Implementation of XSS Defenses

  • Book
  • © 2010

Overview

Authors:
  1. Chris Snyder
    View author publications

    You can also search for this author in PubMed   Google Scholar

  2. Thomas Myer
    View author publications

    You can also search for this author in PubMed   Google Scholar

  3. Michael Southwell
    View author publications

    You can also search for this author in PubMed   Google Scholar

  • PHP programmers need to arm themselves in the race against security risks.
  • Pro PHP Security takes PHP 5.3 as its starting point and solves both traditional and modern security concerns, from SQL injection to mobile security.

This is a preview of subscription content, log in via an institution to check access.

Access this book

Log in via an institution
eBook USD 59.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book USD 79.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Other ways to access

Licence this eBook for your library

Institutional subscriptions

Table of contents (17 chapters)

  1. Front Matter

    Pages i-xviii
    Download chapter PDF

  2. The Importance of Security

    1. Front Matter

      Pages 1-1
      Download chapter PDF

    2. Why Is Secure Programming a Concern?

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 3-12

  3. Practicing Secure PHP Programming

    1. Front Matter

      Pages 13-13
      Download chapter PDF

    2. Validating and Sanitizing User Input

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 15-32

    3. Preventing SQL Injection

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 33-43

    4. Preventing Cross-Site Scripting

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 45-57

    5. Preventing Remote Execution

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 59-79

    6. Enforcing Security for Temporary Files

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 81-91

    7. Preventing Session Hijacking

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 93-104

    8. Securing REST Services

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 105-113

  4. Practicing Secure Operations

    1. Front Matter

      Pages 115-115
      Download chapter PDF

    2. Using CAPTCHAs

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 117-131

    3. User Authentication, Authorization, and Logging

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 133-157

    4. Preventing Data Loss

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 159-175

    5. Safe Execution of System and Remote Procedure Calls

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 177-205

  5. Creating a Safe Environment

    1. Front Matter

      Pages 207-207
      Download chapter PDF

    2. Securing Unix

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 209-220

    3. Securing Your Database

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 221-228

    4. Using Encryption

      • Chris Snyder, Thomas Myer, Michael Southwell
      Pages 229-266
Back to top

Keywords

About this book

PHP security, just like PHP itself, has advanced. Updated for PHP 5.3, the second edition of this authoritative PHP security book covers foundational PHP security topics like SQL injection, XSS, user authentication, and secure PHP development. Chris Snyder and Tom Myer also delve into recent developments like mobile security, the impact of JavaScript, and the advantages of recent PHP hardening efforts.

Pro PHP Security, Second Edition will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. Beginners in secure programming will find a lot of material on secure PHP development, the basics of encryption, secure protocols, as well as how to reconcile the demands of server-side and web application security.

About the authors

Chris Snyder is a software engineer at the Fund for the City of New York, where he helps develop next-generation websites and services for nonprofit organizations. He is a member of the executive board of New York PHP, and has been looking for new ways to build scriptable, linked, multimedia content since he saw his first Hypercard stack in 1988.

Bibliographic Information

Publish with us

Policies and ethics

Back to top

Search

Navigation