There's a new book from the folks over at php|architect, written by Ilia Alshanetsky - php|architect's "Guide to PHP Security".
Written by security expert (and frequent php|a contributor) Ilia Alshanetsky, this book provides you with complete coverage of PHP application security from the bottom up, including: Input validation, SQL Injections, Session Security, Security Through Obscurity, and Sandboxes and Tar Pits.
We're happy to announce the publication of php|architect's Guide to PHP Security, the latest release in our PHP Nanobooks series.
You can either preorder it now and get a 20 percent discount off the cover price ($32.99 USD before, $26.39 USD with discount), or you can wait until it arrives on September 7th, 2005 to snag a copy...
I was lucky enough to get an advance copy of this one to check out, and it's definitely going to be a part of my collection when it arrives. Not only is it jam-packed with best practices and things to look out for in your code, but the writing style is a nice, easy read and doesn't get too bogged down with too much minutia - each topic is covered thoroughly, but not overly so. I also like that there are entire chapters devoted to cross-site scripting and SQL injections and some of the dangers there. They're sometimes the hardest to pin down, so the more information the better.
Definite recommendation from me for every PHP developer's desk...




