Industrial-Sized Deals TextBTS15 Shop Women's Handbags Learn more nav_sap_plcc_6M_fly_beacon Melanie Martinez Storm Fire TV Stick Off to College Essentials Find the Best Purina Pro Plan for Your Pet Shop Popular Services Home Theater Setup Plumbing Services Assembly Services Shop all tmnt tmnt tmnt  Amazon Echo Fire HD 6 Kindle Voyage The Walking Dead\ Shop Now Deal of the Day
Essential PHP Security and over one million other books are available for Amazon Kindle. Learn more
Qty:1
  • List Price: $29.95
  • Save: $7.83 (26%)
FREE Shipping on orders over $35.
In Stock.
Ships from and sold by Amazon.com.
Gift-wrap available.
Essential PHP Security has been added to your Cart
Condition: Used: Good
Comment: This item is gently used in good or better condition. If it is a textbook it may not have supplements. It may have some moderate wear and possibly include previous ownerâ€TMs name, some markings and/or is a former library book. We ship within 1 business day and offer no hassle returns. Big Hearted Books shares its profits with schools, churches and non-profit groups throughout New England. Thank you for your support!
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See all 2 images

Essential PHP Security Paperback – October 20, 2005

32 customer reviews

See all 4 formats and editions Hide other formats and editions
Amazon Price New from Used from
Kindle
"Please retry"
Paperback
"Please retry"
$22.12
$5.34 $0.43

Save up to 40% on professional, scholarly and scientific resources.
Wiley's Summer Savings Event
Save up to 40% on professional, scholarly and scientific resources. Learn more.
$22.12 FREE Shipping on orders over $35. In Stock. Ships from and sold by Amazon.com. Gift-wrap available.

Frequently Bought Together

Essential PHP Security + Advanced PHP Programming
Price for both: $62.87

Buy the selected items together

Editorial Reviews

Review

You've heard the nasty stories about PHP sites being wiped off the web by evil hackers? Sadly it's not scare-mongering as it does happen, and as much as we love PHP it needs proper security to keep your site safe from harm. Plenty of PHP books have the odd chapter on security but at last O'Reilly have published a whole volume dedicated to the cause, with all the code you'll need to keep everything in order. Each chapter covers a different aspect of the application, from form processing to database programming and session management. Written in a straight forward style, it's ideal for every PHP user, but at GBP20 you might expect a little more than just 100 pages." .NET, November 2005 "If you write PHP scripts, get a copy" - Alain Williams, news@UK, March 2006

Book Description

A Guide to Building Secure Web Applications

See all Editorial Reviews
NO_CONTENT_IN_FEATURE

Best Books of the Month
Best Books of the Month
Want to know our Editors' picks for the best books of the month? Browse Best Books of the Month, featuring our favorite new books in more than a dozen categories.

Product Details

  • Paperback: 130 pages
  • Publisher: O'Reilly Media; 1 edition (October 23, 2005)
  • Language: English
  • ISBN-10: 059600656X
  • ISBN-13: 978-0596006563
  • Product Dimensions: 7 x 0.3 x 9.2 inches
  • Shipping Weight: 8 ounces (View shipping rates and policies)
  • Average Customer Review: 4.0 out of 5 stars  See all reviews (32 customer reviews)
  • Amazon Best Sellers Rank: #325,850 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

44 of 48 people found the following review helpful By John A. Suda VINE VOICE on November 2, 2005
Format: Paperback
You would think that with all of the books being published recently about PHP that everyone and his mother is writing PHP code. This may be true, but even if it is not, it is certain that many people and businesses are using PHP code, in concert with other applications like MySQL, to produce dynamic web sites. This is all well and good because PHP is a high-quality coding language especially well-suited to web applications. It is also open-source, meaning well-supported by a community of coders and developers and cost-free. The one problem is that, like all coding languages, poorly designed or written PHP applications can be security risks potentially allowing Internet miscreants to cause damage to web servers, hosts, and users. It appears to be the case that there are many, many instances of insecure PHP code in use, hence, the value in a targeted book on PHP security, like "Essential PHP Security", by Chris Shiflett.

The author is an internationally-known and accomplished expert on PHP security. He is the founder of the PHP Security Consortium, a group of volunteers who help educate the PHP community, and a well-known contributor to the PHP-general mail digest. The book is designed to provide security information and guidelines and explain the most common types of attacks and how to prevent or repel them.

"Essential PHP Security" is a slight volume of only 109 pages, including index. Shiflett wastes no time and immediately jumps into his topic, starting with his opinion on the use of the PHP concept of "register globals", a configuration setting which he recommends against using in favor of "superglobal arrays".
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
17 of 17 people found the following review helpful By Castlebravo on December 31, 2008
Format: Paperback
I really wanted to write a glowing review of Mr. Shiflett's book, Essential PHP Security, but I can't help but dissapointed by the weaknesses.

The author's blog ([...]) and PHP security website ([...]) are good sources of information on PHP security and web creation in general. With the wisdom hinted at via his websites, I looked forward to more in depth insights and specifics in his book. Unfortunately for Mr. Shiflett, writing a book is not like writing 'bites' for a blog or marketing yourself as experienced and knowledgable. This book reads like an anthology of blog articles and seminar presentations and that weakness kills what should otherwise really be an essential text.

As another helpful reviewer pointed out, this book is a not appropriate for new PHP programmers. That reviewer also noted that it is precisely new initiates to PHP that need these lessons the most. The protective measures suggested in the book are presented superficially. The author highlights the vulnerability, but then only hints at a protective measure by providing a code snip-it which totally lacks context. Most novice readers expect examples of how to apply and integrate the suggested technique effectively and efficiently within the basics they already know.

Mr. Shiflett writes in his acknowledgements, "Written during one of the busiest years of my life ... [the people at O'reilly] have gone out of their way to make the entire process fit around my writing style and busy schedule."

Smoking gun?

For a full price book, the author had room, but perhaps not the desire to provide more substance. Concise does not have to be superficial. The book's main content is 85 pages -- followed by three appendices between pages 87 and 103. The index runs between pages 105 and 109.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
11 of 11 people found the following review helpful By Sam on November 22, 2005
Format: Paperback
This long awaited work from who many refer to as the guru of PHP security is finally out.

I must say though, when it arrived in the mail, I was a bit surprised by the package. Rather than the typical book box you get, it was in a padded envelope and upon opening the package I saw that the book was a mere 109 pages (with appendices starting on page 87).

As I began to read the book, I started to realize some of the reasons for the small size. Chris stays completely on topic with PHP security and doesn't meander into subjects such as Linux server administration and security, which other (larger) texts do to quite a large extent. I acually went to another PHP security text I had recenty read, and if I took out the sysadmin sections, it left about the same amount of pages as Chris's book. Also Chris's approach to PHP security seems to be a very 'keep it simple one'. He doesn't get into elaborate security frameworks and application layers. He simply defines a PHP security issue, and provides a strait forward and simple solution for the problem. I agree with this approach since over engineering a solution, breeds complexity and complexity can easily mask, you guessed it, "security issues".

I would say what I liked most about this book is that he brought to light the security concerns when running on a shared host. I think this topic if very often neglected on the majority of PHP security articles and texts even though many of us use shared hosting due to how cheep it is. Chris devotes an entire chapter to the situation and clearly explains the vast security risks that come with shared hosting and gives examples of how to mitigate the risks.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Recent Customer Reviews

Set up an Amazon Giveaway

Amazon Giveaway allows you to run promotional giveaways in order to create buzz, reward your audience, and attract new followers and customers. Learn more
Essential PHP Security
This item: Essential PHP Security
Price: $22.12
Ships from and sold by Amazon.com

Want to discover more products? Check out these pages to see more: hacking, computer security