Essential PHP Security and over 2 million other books are available for Amazon Kindle . Learn more
£19.50
FREE Delivery in the UK.
Only 2 left in stock (more on the way).
Dispatched from and sold by Amazon.
Gift-wrap available.
Quantity:1
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Essential PHP Security Paperback – 23 Oct 2005


See all 2 formats and editions Hide other formats and editions
Amazon Price New from Used from
Kindle Edition
"Please retry"
Paperback
"Please retry"
£19.50
£9.31 £0.01

Frequently Bought Together

Essential PHP Security + Programming PHP
Price For Both: £35.85

Buy the selected items together


Product details

  • Paperback: 130 pages
  • Publisher: O'Reilly Media; 1 edition (23 Oct 2005)
  • Language: English
  • ISBN-10: 059600656X
  • ISBN-13: 978-0596006563
  • Product Dimensions: 17.8 x 0.7 x 23.3 cm
  • Average Customer Review: 4.3 out of 5 stars  See all reviews (14 customer reviews)
  • Amazon Bestsellers Rank: 359,789 in Books (See Top 100 in Books)
  • See Complete Table of Contents

More About the Author

Discover books, learn about writers, and more.

Product Description

Review

You've heard the nasty stories about PHP sites being wiped off the web by evil hackers? Sadly it's not scare-mongering as it does happen, and as much as we love PHP it needs proper security to keep your site safe from harm. Plenty of PHP books have the odd chapter on security but at last O'Reilly have published a whole volume dedicated to the cause, with all the code you'll need to keep everything in order. Each chapter covers a different aspect of the application, from form processing to database programming and session management. Written in a straight forward style, it's ideal for every PHP user, but at GBP20 you might expect a little more than just 100 pages." .NET, November 2005 "If you write PHP scripts, get a copy" - Alain Williams, news@UK, March 2006

Book Description

A Guide to Building Secure Web Applications

Inside This Book (Learn More)
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

What Other Items Do Customers Buy After Viewing This Item?

Customer Reviews

4.3 out of 5 stars
Share your thoughts with other customers

Most Helpful Customer Reviews

22 of 23 people found the following review helpful By Studland on 13 Nov 2005
Format: Paperback
We've probably all heard about sql injections, cross side scripting, session hi-jacking and other security issues in PHP, and this book explains what they are, how they happen and how to combat them. More than that though, you'll learn best practices for writing secure php pages.
One of the things I liked about this book is that you don't need to be sat next to your PC to read it. Though it has many nice and clear code examples, it's mainly about principles and theory. Excellent to have on the bedside table.
It isn't a very thick book, but is written in a clear and accessible style, and I found myself going 'aha' all the way through. I read it quickly but have a feeling that I'll return to it often until all those best practices are memorised and I'm 'doing' them.
Worth buying? Definitely. This book should be on every serious PHP programmer's bookshelf.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
2 of 2 people found the following review helpful By Rene Gundersen on 12 Feb 2007
Format: Paperback
This book is very good, and absolutely recommandable.

The book is not very big (~100 pages) and can be read quite fast. It's also an easy read, as the language in the book is not hard as some other technical books might be. The explanations are good, and easy to understand, as well as the reasoning.

I enjoyed this book, and it's a great reference. It's size also allows you to read it again (And that's a great idea - Helps you to remember) to get the most out of the book.

The author knows what he talks about, and his advice really makes sense. You might already be aware of some of the concepts, such as filtering input etc, but Chris explains really well the ideas behind such concepts, and gives great examples of what can go wrong if you fail to follow the simple principles given.

All in all, this is a great book that really helps you, by teaching you best practices from a very experienced web-developer.

And the book is really great as a reference.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
12 of 14 people found the following review helpful By Miha Hribar on 6 Sep 2006
Format: Paperback
We've all written unsecure code. Then tried to circumvent our weak security measures. It made us better programmers, and made us sleep better knowing our applications were safe. But there is just so far your imagination can go, while thinking up ways to get inside your perfectly secure system.

Essential PHP Security by Chris Shiflett brings you those ideas in a book that looks rather, well small. We've all gotten used to those big, heavy, shelf bending computer books, but this one has just 124 pages. Allow me to get a bit poetic: Don't judge the book by its covers, or rather by the number of pages. This book is the essential reading for all PHP developers, professional and hobbyist alike. It is one of those books that will not get outdated and will be referenced on a daily basis.

I really enjoyed reading this book. It made me realize that some of my approaches were a bit misslead, but mostly solidified my way of coding. And that is really what I was looking to get out of this book.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
Format: Paperback
If you've done a bit of PHP programming, or have used any other online scripting languages, but have never considered the security implications, this book is essential. The threats are jaw-droppingly simple, but so are their fixes, and the principles remain for other technologies too. The techniques will also improve the integrity of your data and ensure that you consider security in the design process of your applications.

The book is lean and quick to read, the content is aimed at reasonably knowledgeable programmers, but there is nothing here that can't be easily researched. All the issues are illustrated with short, relevant examples and code, which makes a change from most programming books. The author also maintains his own website to ensure that readers can remain updated on problems for the foreseeable future. Overall, this is essential stuff and great value.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
Format: Paperback Verified Purchase
I've found this book useful because it explained to me how certain vulnerabilities can arise. That is handy to know whatever language you are writing in. The solutions the author suggests can also be employed outside of PHP.

I agree with most of the comments of the other reviewers so I won't bore you by repeating them.

It may only be 100 pages but it's well worth the price if you need educating about web security.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
3 of 4 people found the following review helpful By Stephen Hampshire VINE VOICE on 12 Jun 2006
Format: Paperback Verified Purchase
Probably nothing new here for most PHP programmers, but it's nice to have it all collected in one place.

The structure is also cleverly thought out, dealing chapter by chapter with specific types of activity (e.g. forms, databases, sessions etc).

It's a thin book for the money, but much clearer than anything less specialist I've come across. Thin enough that you can check through all of it before your site goes live - just in case!
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
Format: Paperback Verified Purchase
This book is by no means a tome and was probably written for kindle first.

That said, it highlights a lot of the important concepts of filter input and escape output. If you do that, you've probably covered 85% of the problems.

The book also covers cookie interception and SQL injection, but the Internet will also give the same.

It won't take long to read the book, but perhaps as long as your code is written with 'security in depth' again you're most of the way there.

Given four stars for what's in the book, but more guidance and examples would have been welcome.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again


Feedback