In this new tutorial from PHPFreaks.com they talk about a subject that should be near and dear to every PHP developer's heart - application security.
The problem is that most people forget one of the most important aspects that one must consider when writing PHP applications. Many beginners forget the security aspect of PHP. Generally, your users are nice people, they will do as they are told and you will have no problem with these people whatsoever. However, some people are not quite as nice.
They've included some tips to help protect you and your application from these "not quite as nice" users hanging out on your site. They talk about:
- Error reporting
- SQL injections
- Cross-site scripting
- Outside file access
- Remote file inclusion
- Session security
- Cross-site request forgery
- Directory traversal
Each topic explains what it is, how it can be used against you and what you can do to help stop it on your site (including example code).