PHPDeveloper.org: PHPro.org: PHP Security

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

Job Posting: Vermont Information Processing Seeks Senior/Lead PHP Developer (Burlington, VT)

Job Posting: Mediware Blood Center Technologies Seeks PHP Software Developer (Jacksonville, FL)

PHP Zone: Can Learning Drupal Get You a Job?

Job Posting: Tilllate Media Seeks Senior PHP Developer (Glasgow, UK)

Job Posting: Agency Matrix Seeks Senior Application Developer (Addison, TX)

Job Posting: HUGE Seeks Freelance Zend/WordPress Developer (Brooklyn, NY)

Job Posting: Abbott Laboratories Seeks PHP Developer (Irving, TX)

Job Posting: BetFair Seeks Lead Software Engineer (Web)

Job Posting: Uplifting Innovations Seeks Lead PHP Developer (Portland, OR)

Job Posting: Ganz Seeks PHP Developer (Toronto, Ontario)

News Archive

Matthew Weier O'Phinney's Blog: Module Bootstraps in Zend Framework: Do's and Don'ts

Pablo Viquez's Blog: Zend Framework Documentation

Johannes Schluter's Blog: Future of PHP 6

Ian Christian's Blog: Handling Uploaded file in symfony's admin generator

Jani Hartikainen's Blog: Should a failed function return a value or throw an exception?

Brian Swan's Blog: MSSQL vs. SQLSRV: What's the Difference? (Part 2)

Phil Sturgeon's Blog: CodeIgniter 2.0: Everything you need to know

php|architect: Programming: you're doing it wrong

Brian Moon's Blog: PHP command line progress bar

PHPro.org:
PHP Security

by Chris Cornutt September 18, 2008 @ 12:04:31

Kevin Waterson has posted a new article to his site today - an introductory look at security in your PHP applications.

One of the great benefits of PHP is its ease of access to new-comers. Its entry level is minimal and so attracts those looking for simple scripts to their sites. It is this same ease of access that becomes a problem as the new-comers begin to deal with input from users. Failure to adequately validate and sanitize data is the leading cause of security problems when dealing with PHP.

He looks at a few different areas that developers need to focus on (and be sure to filter on) like PHP_SELF, protection from email header injections, file inclusion and the use of error reporting to make handling user-generated errors "more correct".

0 comments voice your opinion now!
security tutorial phpself email header include error reporting

Similar Posts