Essential PHP Security [Paperback]

Chris Shiflett
4.2 out of 5 stars  See all reviews (12 customer reviews)

Book Description

Publication date: 23 Oct 2005 | ISBN-10: 059600656X | ISBN-13: 978-0596006563 | Edition: 1

Being highly flexible in building dynamic, database-driven web applications makes the PHP programming language one of the most popular web development tools in use today. It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more web sites are developed in PHP, they become targets for malicious attackers, and developers need to prepare for the attacks.

Security is an issue that demands attention, given the growing frequency of attacks on web sites. Essential PHP Security explains the most common types of attacks and how to write code that isn't susceptible to them. By examining specific attacks and the techniques used to protect against them, you will have a deeper understanding and appreciation of the safeguards you are about to learn in this book.

In the much-needed (and highly-requested) Essential PHP Security, each chapter covers an aspect of a web application (such as form processing, database programming, session management, and authentication). Chapters describe potential attacks with examples and then explain techniques to help you prevent those attacks.

Topics covered include:

  • Preventing cross-site scripting (XSS) vulnerabilities
  • Protecting against SQL injection attacks
  • Complicating session hijacking attempts

You are in good hands with author Chris Shiflett, an internationally-recognized expert in the field of PHP security. Shiflett is also the founder and President of Brain Bulb, a PHP consultancy that offers a variety of services to clients around the world.



Product details

  • Paperback: 130 pages
  • Publisher: O'Reilly Media; 1 edition (23 Oct 2005)
  • Language: English
  • ISBN-10: 059600656X
  • ISBN-13: 978-0596006563
  • Product Dimensions: 23.2 x 17.8 x 0.7 cm
  • Average Customer Review: 4.2 out of 5 stars  See all reviews (12 customer reviews)
  • Amazon Bestsellers Rank: 242,460 in Books (See Top 100 in Books)


Product Description

Review

"You've heard the nasty stories about PHP sites being wiped off the web by evil hackers? Sadly it's not scare-mongering as it does happen, and as much as we love PHP it needs proper security to keep your site safe from harm. Plenty of PHP books have the odd chapter on security but at last O'Reilly have published a whole volume dedicated to the cause, with all the code you'll need to keep everything in order. Each chapter covers a different aspect of the application, from form processing to database programming and session management. Written in a straightforward style, it's ideal for every PHP user, but at GBP20 you might expect a little more than just 100 pages." - .NET, November 2005

"If you write PHP scripts, get a copy" - Alain Williams, news@UK, March 2006

Book Description

A Guide to Building Secure Web Applications


Customer Reviews

Most Helpful Customer Reviews
22 of 23 people found the following review helpful
5.0 out of 5 stars Essential reading 13 Nov 2005
Format:Paperback
We've probably all heard about SQL injections, cross-site scripting, session hijacking and other security issues in PHP, and this book explains what they are, how they happen and how to combat them. More than that though, you'll learn best practices for writing secure PHP pages.
One of the things I liked about this book is that you don't need to be sat next to your PC to read it. Though it has many nice and clear code examples, it's mainly about principles and theory. Excellent to have on the bedside table.
It isn't a very thick book, but is written in a clear and accessible style, and I found myself going 'aha' all the way through. I read it quickly but have a feeling that I'll return to it often until all those best practices are memorised and I'm 'doing' them.
Worth buying? Definitely. This book should be on every serious PHP programmer's bookshelf.
2 of 2 people found the following review helpful
4.0 out of 5 stars Very informative, best practices 12 Feb 2007
Format:Paperback
This book is very good, and absolutely recommendable.

The book is not very big (~100 pages) and can be read quite fast. It's also an easy read, as the language in the book is not hard as some other technical books might be. The explanations are good, and easy to understand, as well as the reasoning.

I enjoyed this book, and it's a great reference. Its size also allows you to read it again (And that's a great idea - Helps you to remember) to get the most out of the book.

The author knows what he talks about, and his advice really makes sense. You might already be aware of some of the concepts, such as filtering input etc, but Chris explains really well the ideas behind such concepts, and gives great examples of what can go wrong if you fail to follow the simple principles given.

All in all, this is a great book that really helps you, by teaching you best practices from a very experienced web-developer.

And the book is really great as a reference.
12 of 14 people found the following review helpful
5.0 out of 5 stars 8 chapters. 30 exploits. Impossibly small 6 Sep 2006
Format:Paperback
We've all written unsecure code. Then tried to circumvent our weak security measures. It made us better programmers, and made us sleep better knowing our applications were safe. But there is just so far your imagination can go, while thinking up ways to get inside your perfectly secure system.

Essential PHP Security by Chris Shiflett brings you those ideas in a book that looks rather, well, small. We've all gotten used to those big, heavy, shelf bending computer books, but this one has just 124 pages. Allow me to get a bit poetic: Don't judge the book by its covers, or rather by the number of pages. This book is the essential reading for all PHP developers, professional and hobbyist alike. It is one of those books that will not get outdated and will be referenced on a daily basis.

I really enjoyed reading this book. It made me realize that some of my approaches were a bit misled, but mostly solidified my way of coding. And that is really what I was looking to get out of this book.
3 of 4 people found the following review helpful
4.0 out of 5 stars Useful, structured, collection of advice 12 Jun 2006
By Stephen Hampshire VINE VOICE
Format:Paperback|Verified Purchase
Probably nothing new here for most PHP programmers, but it's nice to have it all collected in one place.

The structure is also cleverly thought out, dealing chapter by chapter with specific types of activity (e.g. forms, databases, sessions etc).

It's a thin book for the money, but much clearer than anything less specialist I've come across. Thin enough that you can check through all of it before your site goes live - just in case!
4.0 out of 5 stars An essential checklist, but there is more ... 31 Oct 2011
Format:Paperback|Verified Purchase
This book is by no means a tome and was probably written for Kindle first.

That said, it highlights a lot of the important concepts of filter input and escape output. If you do that, you've probably covered 85% of the problems.

The book also covers cookie interception and SQL injection, but the Internet will also give the same.

It won't take long to read the book, but perhaps as long as your code is written with 'security in depth' again you're most of the way there.

Given four stars for what's in the book, but more guidance and examples would have been welcome.
5.0 out of 5 stars compact but perfect 24 Feb 2011
By Scott
Format:Paperback|Verified Purchase
One of the problems with computing books tends to be they ramble on, and on and on.... But not this one. It's short, very short. But perfect for that. It doesn't tell you about the history of PHP, it doesn't sell PHP as a scripting language, it shows you how to protect your site from being attacked. It's not an in depth security book, it's a very practical guide to help you a developer build (and maintain) a site in a secure way. Nothing more nothing less, if you ever use PHP buy this book, and spend an afternoon reading it, then the next week fixing the holes in what you thought was a secure site.
Most Recent Customer Reviews
2.0 out of 5 stars Not worth to read. Data is out of date.
The described security problems were reasonable 10 years ago and nearly all these problems were solved 5-10 years ago.
Published 18 months ago by Vitas
5.0 out of 5 stars Small in Size but Pure Gold
I was disappointed when I opened my Amazon package to find this slim book (100+pages). However, the content is pure gold. If you write PHP scripts you should read this book.
Published on 25 July 2010 by John G. Dyke
4.0 out of 5 stars Security advice that is useful for non-PHP programmers too
I've found this book useful because it explained to me how certain vulnerabilities can arise. That is handy to know whatever language you are writing in.
Published on 24 Oct 2009 by Ms. Mary Ellis
3.0 out of 5 stars A bit too simple for my needs
It does contain simple ways to make your websites more secure, but nothing too tricky.

I was a bit disappointed with this book.
Published on 31 July 2009 by Kulmala Tomi
5.0 out of 5 stars Great introduction to PHP security
Great advice, very small compact book, clearly written.

This book makes light work of a complex topic but does not go into great depth.
Published on 16 May 2008 by Mr. J. Hopkins
5.0 out of 5 stars Absolutely Essential
If you've done a bit of PHP programming, or have used any other online scripting languages, but have never considered the security implications, this book is essential.
Published on 13 Dec 2007 by D. Hickling