Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.

  • Apple
  • Android
  • Windows Phone
  • Android

To get the free app, enter your email address or mobile phone number.
Download to your computer
Kindle Cloud Reader

Pro PHP Security 1st Corrected ed. 2005. Corr. 2nd printing 2005 Edition

by Chris Snyder (Author), Michael Southwell (Author)
3.9 out of 5 stars 8 customer reviews
ISBN-13: 978-1590595084
ISBN-10: 1590595084
Why is ISBN important?
ISBN
This bar-code number lets you verify that you're getting exactly the right version or edition of a book. The 13-digit and 10-digit formats both work.
Scan an ISBN with your phone
Use the Amazon App to scan ISBNs and compare prices.
Have one to sell? Sell on Amazon

Sorry, there was a problem.

There was an error retrieving your Wish Lists. Please try again.

Sorry, there was a problem.

List unavailable.
Facebook Twitter Pinterest
Buy used On clicking this link, a new layer will be open
$5.98 On clicking this link, a new layer will be open
Buy new On clicking this link, a new layer will be open
$33.70 On clicking this link, a new layer will be open
More Buying Choices
29 New from $14.04 36 Used from $0.01
65 used & new from $0.01
See All Buying Options
Save Up to 90% on Textbooks Textbooks
$33.70 FREE Shipping. In Stock. Ships from and sold by Amazon.com. Gift-wrap available.

Customers Who Bought This Item Also Bought

Page 1 of 1 Start overPage 1 of 1
This shopping feature will continue to load items. In order to navigate out of this carousel please use your heading shortcut key to navigate to the next or previous heading.
Back
  1. Pro PHP: Patterns, Frameworks, Testing and More
    Kevin McArthur
    3.7 out of 5 stars 18
    Paperback
    $34.06 Prime
  2. Essential PHP Security
    Chris Shiflett
    4.0 out of 5 stars 33
    Paperback
    $23.61 Prime
Next
NO_CONTENT_IN_FEATURE

Product Details

  • Paperback: 528 pages
  • Publisher: Apress; 1st Corrected ed. 2005. Corr. 2nd printing 2005 edition (August 23, 2006)
  • Language: English
  • ISBN-10: 1590595084
  • ISBN-13: 978-1590595084
  • Product Dimensions: 7.5 x 1.2 x 9.2 inches
  • Shipping Weight: 2 pounds (View shipping rates and policies)
  • Average Customer Review: 3.9 out of 5 stars  See all reviews (8 customer reviews)
  • Amazon Best Sellers Rank: #2,270,056 in Books (See Top 100 in Books)

    •  Would you like to update product info or give feedback on images?

Customers Viewing This Page May Be Interested In These Sponsored Links

  (What's this?)
1.  Générateur de Code PHP opens new browser window
  -  
Développement Applications WEB. Formulaires, rapports, tableaux,PDF
www.scriptcase.net/
2.  Get PHP programmers opens new browser window
  -  
Can't find PHP programmers? We have best remote ones for you!
php.outsoft.com/
3.  Gemnasium opens new browser window
  -  
Keep your dependencies up-to-date. Check your project now for free.
www.gemnasium.com/
4.  Cryptography for PHP opens new browser window
  -  
Add encryption standards support to your PHP application
www.eldos.com/SecureBlackbox

Customer Reviews

Top Customer Reviews

5.0 out of 5 starsGood information with lots of links to addtional resources
By David L. Hickman on November 5, 2005
Format: Paperback
This book is great because it's thorough and on each topic it gives lots of links to additional resources. It's easy to read and it's organized well so you can find what you're looking for.

One of the main things I appreciate about this book is that it gives just the right amount of information. It focuses on practical usage of security techniques but I also like to know the high-level picture of how and why things got to be the way they are. This book tells me exactly what I want to know. A good example is the the section on hashing and encryption. It gives some simplified examples of how the algorithms work and talks about where they came from, which ones are better and why, and how to use them. But it doesn't dive too deeply into encryption theory which would only be interesting to someone wanting to code an encryption routine.

Some of the interesting things I learned from this book are:

1) I learned about the various hashing and encryption algorithms. Which ones are good and just how good are they. Before reading this book I couldn't have told you which is better between md5 and sha1.

2) I learned all about protecting against cross-site scripting and sql injection. I thought I had already taken enough precautions on my latest website, MarsBookmark.com, but this section pointed out some attacks I wasn't aware of. It also had links to sites with sample hack attacks you can run against your own website to see if it's vulnerable.

3) I learned how to do captcha screening to make sure people registering for my site are real humans and not robots (I haven't actually implemented this yet but I will soon).Read more ›
Comment 23 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
4.0 out of 5 starsUnless you're already well-versed in the topic ...
By John R. Mcwade on March 8, 2006
Format: Paperback
Unless you're already very well-versed in the subject matter, ( sql injection, cross-site scripting, session hijacking, remote execution, sanitizing user data/input, ssh, encryption, ssl, dangers of shared-host scenarios, bulletproofing db installations, user verification, captchas, remote procedure calls ) this material is relatively comprehensive and valuable. Well-organized, well thought out, I won't hesitate to recommend this one.
Comment 14 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
5.0 out of 5 starsSerious, well-written, should be on your reading list
By David Powers on October 24, 2005
Format: Paperback
One of the great attractions of PHP is that it's easy to learn, and you can use it to build interactive websites in next to no time. Just like learning to drive a car, though, early success can lead to over-confidence. This book is a timely reminder of the pitfalls that lie in wait not only for the unwary, but also for the more experienced PHP programmer.

In keeping with the title, "Pro PHP Security", the authors address many issues that beginners may not regard as being on their immediate horizon. While some issues are advanced, it's a book that should be on the reading list of every PHP user. In addition to practical examples that deal with specific vulnerabilities, there's a clear exposition of the need to understand good application design. Chapter 19 ("Using Roles to Authorize Actions") is an object lesson in how a seemingly straightforward project can rapidly overwhelm you with complexity, and provides good advice on how to avoid this sort of problem.

I suspect that most readers will gravitate towards Part 3, which concentrates on practical solutions for specific security loopholes, such as validating user input, SQL injection, cross-site scripting, and preventing remote execution. Invaluable though these chapters are, the real value lies in making the reader aware of all aspects of security. Preventing accidental deletion of data, even by trusted members of a team, is just as much a security risk as the script kiddie trying to corrupt your data. This book takes a welcome, rounded viewpoint of security issues from a variety of angles. While not scare-mongering, it's a salutary wake-up call.
Comment 16 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
3.0 out of 5 starsGood info, not many solutions
By Jonny on November 5, 2007
Format: Paperback
Like the title states this book tells you about a lot of security issues you should be aware of, but doesn't go in depth for many solutions. Especially xss which is the only reason i bought the book. For how much the book costs i figured it would include some really good php solutions. I mean the thing is in black and white, what's with the price tag that doesn't tell me anything that i can't find on the web.
1 Comment 7 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse

Set up an Amazon Giveaway

Pro PHP Security
Amazon Giveaway allows you to run promotional giveaways in order to create buzz, reward your audience, and attract new followers and customers. Learn more
This item: Pro PHP Security
Set up a giveaway

There's a problem loading this menu right now.

Learn more about Amazon Prime.



Pages with Related Products. See and discover other items: computer programs