PHPDeveloper: PHP News, Views and Community

Subscribe

@phpdeveloper.org

News Archive

Community News: Latest PECL Releases (06.17.2025)

Community News: Latest PECL Releases (06.10.2025)

Community News: Latest PECL Releases (06.03.2025)

Community News: Latest PECL Releases (05.27.2025)

Community News: Latest PEAR Releases (05.26.2025)

Community News: Latest PECL Releases (05.20.2025)

Community News: Latest PECL Releases (05.13.2025)

Community News: Latest PECL Releases (05.06.2025)

Community News: Latest PECL Releases (04.29.2025)

Community News: Latest PECL Releases (04.22.2025)

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Chris Shiflett's Blog:
PHP Security by Example

byChris Cornutt Sep 16, 2005 @ 18:07:05

On Chris Shiflett's blog today, he offers up some information about the three talks that he gave at the php|works conference this year.

I gave three talks at this year's phpworks conference. The most popular was PHP Security by Example, a talk that consists entirely of exercises. This approach is unique in the sense that the focus is on first exploiting vulnerable code and then fixing it. I think seeing how easy some exploits are gives people a better appreciation and understanding of the safeguards.

The slides are available in PDF and Flash format:

PHP Security by Example (PDF)
PHP Security by Example (Flash)

He talks about things like cross-site scripting, HTTP response splitting, and session fixation. I can see why, with all of the emphasis that's being put on security these days, why this talk would be the most popular...

tagged:

Link: