Anson Cheung has posted about some security attacks (six of them) that you need to watch out for when developing your apps.
Being aware of the most common security threats to PHP applications is the important step to secure your PHP scripts, which may not be immune. Here, the article is going to go over the top 6 common security threats in PHP scripts. You may be familiar with this; if not, this is a good time for you to read and keep it in mind.
The top six on his list are:
- SQL Injection
- Cross-Site Scripting (XSS)
- Session fixation
- Session capturing/hijacking
- Cross-Site Request Forgeries (CSRF)
- Code Injection
For each item, he includes a bit of explanation of what the issue is and a common way to prevent it.