Resonant Core:
Building Secure Web Applications in PHP
Feb 09, 2015 @ 16:26:19

The Resonant Core blog has a post today with a selection of tips and techniques you can use to help build secure applications in PHP and prevent several of the most common issues (several of which appear in the OWASP Top 10).

There are but two causes for the unintentional creation of insecure web applications: A lack of knowledge about security [and] bad development habits. Developers who don't know about the risks involved with writing a widget a certain way are unlikely to make the secure choice. Thanks to the work of MITRE and OWASP, the most common vulnerabilities (and their consequences) are widely known and accessible. However, when teams are under pressure to meet a tight deadline, bad habits and insecure development practices may still emerge.

Most of the examples (at least the solutions) center around a framework they've created (Tuner), but the concepts are all there and could easily be adapted to other tools. The author talks about the "pain" that can come with secure coding and how the right tools can make it much easier for the developer. He describes how the framework offers a better database interface based on PDO and prepared statements to prevent SQL injection issues (with examples for each of the CRUD operations). He also shares a list of pre-existing PHP libraries that can help make the rest of your application secure too, including:

He also mentions a PHP extension that adds in scrypt support, another option for hashing strings and passwords as an alternative to bcrypt.

tagged: secure application database sqlinjection library recommended list

Link: https://resonantcore.net/blog/2015/02/building-secure-web-applications-in-php

Paul Reinheimer's Blog:
Advanced PHP Programming
May 29, 2006 @ 23:37:18

Paul Reinheimer shares, in this new post from his blog, a mini-review of the Sams book Advanced PHP Programming.

I didn't get my hands on it until quite late Friday night, since then I've flown half way across the country and driven almost 1000km, but still managed to find the time to read through most of it, basically I couldn't wait to start plugging this title so I had to post this now.

He comments on the size of the book, some of the subject matter presented, and how much he's learned just from reading it. He recommends it to any PHP developer looking to further their skills all around in the language.

tagged: advanced programming book sections recommended

Link:

IBM developerWorks:
Recommended PHP reading list
Mar 17, 2006 @ 13:46:34

The IBM developerWorks site has created a huge "recommended reading list" of articles, tutorials, packages, etc. for PHP developers of all skill levels to check out.

This list of recommended reading material on PHP is compiled from a variety of online sources by Web application developers in IBM's Global Production Services organization. These resources have been selected with the intention of introducing IT specialists and architects to PHP, providing specific information about development and maintenance, and helping to integrate the technology with IBM products.

They have the list broken up into sections like "Development", "Community and News", and "Migration", with several sub-sections under each. Obviously, there are many more resources out there than just what's on this list, but it's a great start for anyone who really wants a crash course in all things PHP.

tagged: recommended reading list migration development community news

Link:
