Security in a PHP application includes remote and local security concerns. Discover the habits PHP developers should get into to implement Web applications that have both characteristics.

The habits in their list are:

• Validate input
• Guard your file system
• Guard your database
• Guard your session
• Guard against XSS vulnerabilities
• Guard against invalid posts
• Protect against CSRF

Each comes with their own explanation and for some, code to help you spot the mistakes and correct them.

From Ilia:

As per our tradition of changing Release Masters for every minor release, a new masochist, ;-) Johannes Schlüter will be taking of the role of RM for PHP 5.3 from me. I will continue to RM 5.2.X release, which has 1-2 releases in it still and will be actively maintained up until 5.3.0 is released into the wild, something that should happen early next year.

Ilia is stepping down after two years of service as release manager and, while sad to move on, is happy to see "new blood" move into the project to liven things up.

Check out Manfred Weber's comments on the change too.

Zend Guard has two parts to it - the encoder and the license manager for your scripts. You can quickly and easily distribute your encoded scripts to the masses, and licenses can be easily updated/renewed without having to send out anything new. Some of the license options include concurrent users, time limitations, and if it needs to be server-specific or not.

Look for the release of this product tomorrow on the Zend website.