Programming Books C Java PHP Python Learn more Browse Programming Books
Pro PHP Security: From Application Security Principles to... and over one million other books are available for Amazon Kindle. Learn more
Try the eTextbook free for 7 days on your Fire, iOS, Android, PC, or Mac.

Qty:1
  • List Price: $54.99
  • Save: $11.00 (20%)
In Stock.
Ships from and sold by Amazon.com.
Gift-wrap available.
Pro PHP Security: From Ap... has been added to your Cart
Sell yours for a Gift Card
We'll buy it for $19.67
Learn More
Trade in now
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses (Expert's Voice in Open Source) Paperback – December 10, 2010

ISBN-13: 978-1430233183 ISBN-10: 1430233184 Edition: 2nd ed. 2010

Buy New
Price: $43.99
21 New from $39.32 14 Used from $44.84
Amazon Price New from Used from
Kindle
"Please retry"
Paperback
"Please retry"
$43.99
$39.32 $44.84
Free Two-Day Shipping for College Students with Amazon Student Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student


Hero Quick Promo
Save up to 90% on Textbooks
Rent textbooks, buy textbooks, or get up to 80% back when you sell us your books. Shop Now

Frequently Bought Together

Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses (Expert's Voice in Open Source) + PHP Objects, Patterns, and Practice
Price for both: $86.28

Buy the selected items together

Editorial Reviews

About the Author

Chris Snyder is a software engineer at the Fund for the City of New York, where he helps develop next-generation websites and services for nonprofit organizations. He is a member of the executive board of New York PHP, and has been looking for new ways to build scriptable, linked, multimedia content since he saw his first Hypercard stack in 1988.

A bio is not available for this author.

Michael Southwell is a retired English professor who has been developing websites for more than 10 years in the small business, non-profit, and educational areas, with special interest in problems of accessibility. He has authored and co-authored eight books and numerous articles about writing, writing and computers, and writing education. He is a member of the executive board of New York PHP, and a Zend Certified Engineer.
NO_CONTENT_IN_FEATURE

Shop the New Digital Design Bookstore
Check out the Digital Design Bookstore, a new hub for photographers, art directors, illustrators, web developers, and other creative individuals to find highly rated and highly relevant career resources. Shop books on web development and graphic design, or check out blog posts by authors and thought-leaders in the design industry. Shop now

Product Details

  • Series: Expert's Voice in Open Source
  • Paperback: 368 pages
  • Publisher: Apress; 2nd ed. 2010 edition (December 10, 2010)
  • Language: English
  • ISBN-10: 1430233184
  • ISBN-13: 978-1430233183
  • Product Dimensions: 7.5 x 0.8 x 9.2 inches
  • Shipping Weight: 1.4 pounds (View shipping rates and policies)
  • Average Customer Review: 4.1 out of 5 stars  See all reviews (7 customer reviews)
  • Amazon Best Sellers Rank: #1,065,795 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

4.1 out of 5 stars
Share your thoughts with other customers

Most Helpful Customer Reviews

5 of 5 people found the following review helpful By A Golden Eagle on June 1, 2011
Format: Paperback
This was a pretty solid book on PHP web application security, and should be a part of any PHP developer's library. The author gives detailed descriptions of the most common ways in which your application can be attacked, and gives well thought out examples of how to guard against them. Here are some of the topics that you'll learn about in the book:

- SQL injection: This book gives a great overview of what SQL injection is, how to identify vulnerabilities, how to fix them, and how to test your application
- Cross-site scripting: This was a good one for me. Much of the documentation on XSS is pretty vague. The authors did a good job of providing several detailed examples of cross-site scripting attacks, and how to defend against them.
- Validating and Sanitizing input: The authors really stress the importance of validating and sanitizing any input that comes into your application. They give examples of how to create validation libraries. However, one of my main disappointments with the book was that they failed to discuss PHP's filter_var functionality.
- Captchas: What they are and how to implement them.
- Securing RESTful services: Restricting access, authenticating and authorizing requests, and enforcing quotas and rate limits.
- How to secure UNIX
- How to secure your database
- Encryption: The authors discuss keeping your passwords safe by hashing, and how to protect other sensitive data by symmetrical or asymmetrical encryption
- SSL and SSH: Securing network connections via SSL and SSH. How to generate certificates and keys.
- Securing shared hosting
- Keeping production and development environments separate
- Keeping software up to date

These are just some of the focus areas of this book. It provides even more interesting and valuable information. While this book won't make you a security expert, it will put you well on the path of proper security-minded PHP coding.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
5 of 6 people found the following review helpful By Amazon Customer on January 26, 2011
Format: Paperback
As a PHP web developer, I I highly recommend this book to anyone who uses PHP as parts of daily web programming tool. It is really difficult to find a book that emphasizes only on the PHP security from different approach. Fortunately, this book contains all the security perspective related to PHP.
If you bought the first edition of this book, you might be disappointment on how it was organized in the first edition; however, the second edition of this book will change your opinion forever. It is easy to follow, and the authors focus on only one specific area per chapter; as a result, it allows readers to focus on the specific security that they may either are not aware of the problems or want to get more in depth detail.
Overall, I think this book is not only good for the seasonal PHP programmers since they may only need some parts of security topics that related to their current projects but also good for the experience PHP programmer since they can use this book as reference.
I do not think this book is good for programmers who just start to learn PHP language since most of the topics in this book are for people who have worked in PHP for few years.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
By Maureenfind on February 19, 2014
Format: Kindle Edition Verified Purchase
Great book with code included for tacking down major security design and implementation issues.
PHP must have for any beginning coder.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
By Maxtor09 on October 16, 2012
Format: Paperback Verified Purchase
Clear and complete, easy to read with nice code examples. I recommend really this book. Thanks to the author !
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Set up an Amazon Giveaway

Amazon Giveaway allows you to run promotional giveaways in order to create buzz, reward your audience, and attract new followers and customers. Learn more
Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses (Expert's Voice in Open Source)
This item: Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses (Expert's Voice in Open Source)
Price: $54.99 $43.99
Ships from and sold by Amazon.com

What Other Items Do Customers Buy After Viewing This Item?