Intro to PHP Security
This article refers to the PHP meetup in 2007 and the presentation by Dave Ross on security issues and options related to PHP programming. The presentation begins by outlining common attack vectors such as validation circumvention, code injection, SQL injection, and cross-site scripting. It then provides examples of each attack and recommendations for preventing them, such as validating all user input and escaping special characters when outputting data. It also introduces tools for analyzing PHP code security, such as PHPSecAudit and browser developer toolbars, and emphasizes the importance of securing applications from the beginning rather than as an afterthought.
Click the image below to go to the actual presentation.