Smashing Magazine:
Common Security Mistakes in Web Applications
October 19, 2010 @ 10:21:38

Smashing Magazine has posted an excellent security guide to get you on the road to protecting your site and its data from some of the most common mistakes applications can make. Several of the topics even come with PHP code to illustrate.

Unfortunately, unless we're careful with the code we write, the answer to these questions can often be one we'd rather not hear. We'll skip over denial of service attacks in this article, but take a close look at the other issues. To be more conformant with standard terminology, we'll talk about Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Phishing, Shell injection and SQL injection. We'll also assume PHP as the language of development, but the problems apply regardless of language, and solutions will be similar in other languages.

For each of the topics, there's a general description of how the attack works and, if applicable, some PHP code showing the right and wrong ways it can be handled. For things like clickjacking or phishing, the descriptions are less about backend code than about the frontend and personal manipulation.
