
Pro PHP Security [Paperback]

Chris Snyder (Author), Michael Southwell (Author)
3.9 out of 5 stars (7 customer reviews)

There is a newer edition of this item: Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses (Expert's Voice in Open Source)

Book Description

1590595084 978-1590595084 September 8, 2005 1st ed. 2005. Corr. 2nd printing

PHP is the world’s most popular open source web scripting language, installed on almost 17 million domains worldwide (www.php.net/usage.php). It is loved by beginners and embraced by advanced users. This book offers developers a complete guide to taking both defensive and proactive security approaches within their PHP applications.

Pro PHP Security guides developers through many of the defensive and proactive security measures that can be taken to help prevent attackers from potentially disrupting site operation or destroying data. Moreover, this book covers a wide swath of security measures, showing readers how to create and deploy captchas, validate email, fend off SQL injection attacks, prevent cross-site scripting attempts, and more.



Editorial Reviews

About the Author

Chris Snyder is employed at Fund for the City of New York (http://www.fcny.org/), where he develops next-generation websites and services for non-profit organizations.

Michael Southwell is a retired English professor who has been developing websites for the past seven years. He’s the author/co-author of eight books and numerous articles on writing, writing and computers, and writing education. He is a Zend Certified Engineer.


Product Details

  • Paperback: 528 pages
  • Publisher: Apress; 1st ed. 2005. Corr. 2nd printing edition (September 8, 2005)
  • Language: English
  • ISBN-10: 1590595084
  • ISBN-13: 978-1590595084
  • Product Dimensions: 9.2 x 7.4 x 1.2 inches
  • Shipping Weight: 2 pounds
  • Average Customer Review: 3.9 out of 5 stars (7 customer reviews)
  • Amazon Best Sellers Rank: #371,875 in Books

 

Customer Reviews

7 Reviews
5 star: (3)
4 star: (2)
3 star: (1)
2 star: (0)
1 star: (1)
 
 
 
 
 
Most Helpful Customer Reviews

23 of 24 people found the following review helpful:
5.0 out of 5 stars Good information with lots of links to additional resources, November 5, 2005
This review is from: Pro PHP Security (Paperback)
This book is great because it's thorough and on each topic it gives lots of links to additional resources. It's easy to read and it's organized well so you can find what you're looking for.

One of the main things I appreciate about this book is that it gives just the right amount of information. It focuses on practical usage of security techniques but I also like to know the high-level picture of how and why things got to be the way they are. This book tells me exactly what I want to know. A good example is the section on hashing and encryption. It gives some simplified examples of how the algorithms work and talks about where they came from, which ones are better and why, and how to use them. But it doesn't dive too deeply into encryption theory which would only be interesting to someone wanting to code an encryption routine.

Some of the interesting things I learned from this book are:

1) I learned about the various hashing and encryption algorithms. Which ones are good and just how good are they. Before reading this book I couldn't have told you which is better between md5 and sha1.

2) I learned all about protecting against cross-site scripting and sql injection. I thought I had already taken enough precautions on my latest website, MarsBookmark.com, but this section pointed out some attacks I wasn't aware of. It also had links to sites with sample hack attacks you can run against your own website to see if it's vulnerable.

3) I learned how to do captcha screening to make sure people registering for my site are real humans and not robots (I haven't actually implemented this yet but I will soon). The book also pointed out something I never thought of - a hacker with a popular site can proxy registrations from your site to real people trying to register on his site and defeat your captcha by tricking people who think they are answering a captcha for his site. As usual, the author provides lots of links to other sites for more resources on captcha.

I've never before focused on security as much as I should have. Probably because all the information was not readily available in a single easy-to-digest book until this one. I'm really glad I found this book.


14 of 15 people found the following review helpful:
4.0 out of 5 stars Unless you're already well-versed in the topic ..., March 8, 2006
This review is from: Pro PHP Security (Paperback)
Unless you're already very well-versed in the subject matter (sql injection, cross-site scripting, session hijacking, remote execution, sanitizing user data/input, ssh, encryption, ssl, dangers of shared-host scenarios, bulletproofing db installations, user verification, captchas, remote procedure calls), this material is relatively comprehensive and valuable. Well-organized, well thought out, I won't hesitate to recommend this one.


16 of 18 people found the following review helpful:
5.0 out of 5 stars Serious, well-written, should be on your reading list, October 24, 2005
By David Powers (London, United Kingdom)
This review is from: Pro PHP Security (Paperback)
One of the great attractions of PHP is that it's easy to learn, and you can use it to build interactive websites in next to no time. Just like learning to drive a car, though, early success can lead to over-confidence. This book is a timely reminder of the pitfalls that lie in wait not only for the unwary, but also for the more experienced PHP programmer.

In keeping with the title, "Pro PHP Security", the authors address many issues that beginners may not regard as being on their immediate horizon. While some issues are advanced, it's a book that should be on the reading list of every PHP user. In addition to practical examples that deal with specific vulnerabilities, there's a clear exposition of the need to understand good application design. Chapter 19 ("Using Roles to Authorize Actions") is an object lesson in how a seemingly straightforward project can rapidly overwhelm you with complexity, and provides good advice on how to avoid this sort of problem.

I suspect that most readers will gravitate towards Part 3, which concentrates on practical solutions for specific security loopholes, such as validating user input, SQL injection, cross-site scripting, and preventing remote execution. Invaluable though these chapters are, the real value lies in making the reader aware of all aspects of security. Preventing accidental deletion of data, even by trusted members of a team, is just as much a security risk as the script kiddie trying to corrupt your data. This book takes a welcome, rounded viewpoint of security issues from a variety of angles. While not scare-mongering, it's a salutary wake-up call.

Inside This Book
Key Phrases - Statistically Improbable Phrases (SIPs):
downloadable archive, image captcha, maintaining separate development, gold server, good netizenship, signon request, openssl module, securing network connections, working mailbox, working email address, crypt file, superglobal array, nobody user, logger class, php class, usage reminder, filesystem permissions, submitted password, session abuse, preventing data loss, php header, rhosts authentication, deleted flag, sudo command, php script
Key Phrases - Capitalized Phrases (CAPs):
Certificate Authority, Basic Authentication, Single Sign-On, Client Certificate, Digest Authentication, Secure Sockets Layer, Handshake Protocol, Builtin Object Token, Certificate Chain, Done Figure, Mozilla Firefox, United States, Content Management System, Internet Explorer, Record Protocol, Roles-based Access Control, Creative Commons, Message Authentication Code, Red Hat, Signature Algorithm, Certificate Revocation Lists, Connection Layer, Data Security, Directive Purpose, Keychain Access