Buy Used
Used - Very Good See details
Price: £5.34

Have one to sell? Sell yours here
Sorry, this item is not available in
Image not available for
Image not available

Tell the Publisher!
I’d like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Secure PHP Development: Building 50 Practical Applications [Paperback]

Mohammed J. Kabir
2.0 out of 5 stars  See all reviews (4 customer reviews)

Available from these sellers.

Book Description

23 May 2003 0764549669 978-0764549663 Pap/Cdr
∗ Offers fifty practical and secure PHP applications that readers can immediately put to use
∗ Explains the entire life cycle of each PHP application, including requirements, design, development, maintenance, and tuning
∗ Reviews application development line–by–line and module–by–module to help readers understand specific coding practices and requirements
∗ Applications can be readily adapted to many real–world business situations
∗ CD–ROM contains fifty ready–to–use PHP applications, an evaluation version of Zend tools, and the latest versions of PHP, Apache, and MySQL

Product details

  • Paperback: 904 pages
  • Publisher: John Wiley & Sons; Pap/Cdr edition (23 May 2003)
  • Language: English
  • ISBN-10: 0764549669
  • ISBN-13: 978-0764549663
  • Product Dimensions: 23.3 x 18.8 x 4.9 cm
  • Average Customer Review: 2.0 out of 5 stars  See all reviews (4 customer reviews)
  • Amazon Bestsellers Rank: 2,750,033 in Books (See Top 100 in Books)
  • See Complete Table of Contents

More About the Author

Discover books, learn about writers, and more.

Product Description

From the Back Cover

Your in–depth guide to designing and developing secure PHP applications

It’s a hacker’s dream come true: over one million Web sites are now vulnerable to attack through recently discovered flaws in the PHP scripting language. So how do you protect your site? In this book, bestselling author Mohammed Kabir provides all the tools you’ll need to close this security gap. He presents a collection of 50 secure PHP applications that you can put to use immediately to solve a variety of practical problems. And he includes expert tips and techniques that show you how to write your own secure and efficient applications for your organization.

You’ll learn how to:

  • Implement the featured applications in business environments such as intranets, Internet Web sites, and system administrations
  • Develop e–mail and intranet solutions using PHP
  • Determine the importance of certain coding practices, coding styles, and coding security requirements
  • Follow the entire process of each PHP application life cycle from requirements, design, and development to maintenance and tuning.
  • Use PHP in groupware, document management, issue tracking, bug tracking, and business applications
  • Mature as a PHP developer by using software practices as part of your design, development, and software life cycle decisions
  • Improve the performance of PHP applications

The companion CD–ROM contains:

  • 50 ready–to–use PHP applications
  • Searchable e–version of the book
  • The latest versions of PHP, Apache, and MySQL™

About the Author

MOHAMMED J. KABIR is the founder and CEO of Evoknow, Inc., a company specializing in customer relationship management software development. His previous books include Red Hat® Security and Optimization, Red Hat® Linux® 7 Server, Red Hat® Linux® Administrator’s Handbook, Red Hat® Linux® Survival Guide, and Apache 2 Server Bible (all from Wiley).

Inside This Book (Learn More)
First Sentence
PHP BEGAN AS A PERSONAL home page scripting tool. Read the first page
Explore More
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

Customer Reviews

4 star
3 star
2 star
2.0 out of 5 stars
2.0 out of 5 stars
Most Helpful Customer Reviews
10 of 12 people found the following review helpful
5.0 out of 5 stars Security is important!! 5 Mar 2004
There is a myriad of books out there that handles the topics of PHP, but how to create a secure application (i.e. Authentication System, E-mail system) in PHP? This book handles 50 secure applications of PHP, using OOP extensively (which is good and modern).
No basic PHP are covered (not even in the PHP primer appendix), so you should know your stuff before reading this, but I think it's a great book indeed!! You're an intermediate who want's to go further, buy this!
Comment | 
Was this review helpful to you?
1 of 1 people found the following review helpful
1.0 out of 5 stars Disappointed 22 May 2009
Someone posted "Security is important" - well yes it is but I really got nothing from this book. I'm self taught in PHP and my skills are what I would call basic level, so I thought this would be good and useful.

Personally I was disappointed and ended up giving the book away as I learnt nothing from it to do with security. (Don't think the person I gave it too bothers with it much either and I taught him PHP !)
Comment | 
Was this review helpful to you?
1 of 1 people found the following review helpful
I was amazed at just how bad this book is. From simple stuff like lack of plurals ("You can make HTTP object") to the fact that it jumps right in by explaining why you are doing something in a particular class *without even telling you anything about the class, what it does or where the code is*, this book is a mess.

It's written by someone who really knows his stuff but who has no idea how to explain it. My comment about poor language might seem a bit petty, but the entire book is infected by it. Nouns are used in the wrong place, there's a sense that he's talking about multpile items when he means single items, and there's no flow.

The book really hasn't been sub-edited, let alone proof-read.

I wanted the book because I'm at the stage where I know lots of PHP and have a basic grasp of object-oriented programming, but wanted to see real world examples so I could finally start putting theory into practice. For me, it's a key way to learn: Yeah, I know what OOP is, so show me some examples of why you created X or Y as an object.

This book doesn't do it. And it's not focussed on security at all.

And the source code doesn't work properly.

Sad to say, this is the first book I've ever said "just do not buy it, at all - don't even borrow it".
Comment | 
Was this review helpful to you?
2 of 11 people found the following review helpful
1.0 out of 5 stars Far too complex 9 April 2004
Have read other books before this, so that I could get a background in PHP. When I came to this book, I was completely lost off from the start! This book is rocket science!!
Comment | 
Was this review helpful to you?
Most Helpful Customer Reviews on (beta) 1.9 out of 5 stars  14 reviews
25 of 26 people found the following review helpful
1.0 out of 5 stars A truly appalling book 15 July 2004
By Geoff Caplan - Published on
I normally like to be charitable, but this publication really has nothing to recommend it. Don't touch it with a bargepole.
It's a book about secure, object orientated PHP applications by a guy who doesn't understand security, doesn't understand OOP and can't write.
Despite the title "Secure PHP", there are whole classes of security exploits which are not even mentioned. There is no comprehensive and authoritative discussion of security at any point.
The code samples are poorly laid out, riddled with errors, littered with notes to the author from the technical reviewer, and astonishingly repetitive. You will often get large chunks of code repeated many times just to show changes in a couple of lines buried somewhere in the middle.
Not that the code is worth the effort of reading. The design is often naive, the organisation unclear and the coding practices poor.
For example, he uses a naming convention for constants ($MY_CONSTANT) rather than defining proper constants as provided for by the PHP language via define().
Another example: on page 41 he exhorts his readers to use good naming standards. Yet the abstract application class that forms the core of the book is full of method names such as: name() number() currency() show_status()... I could go on. There are dozens of other equally cryptic examples.
The copy editing and proofreading is the worst I have ever seen in a technical book: it is a disgrace to the profession. There is a grammatical error in the second sentence! Here is a sample of what you can expect, from the 3rd page:
"Next, you need to consider how user interfaces will be presented and how can you allow for maximum customization that can be done without changing your core code. This is typically done by introducing external HTML templates for interface."
Even the section headings are ungrammatical: "Using relational database" (p21)
The 16 editors and proofreaders credited in the frontmatter should hang their heads in shame. This has severly damaged my confidence in Wiley as a brand - they clearly have no concept of quality control. I will be very wary of buying their products in future. The cover strapline "Timely. Practical. Reliable." is a sick joke...
14 of 15 people found the following review helpful
1.0 out of 5 stars Only 20 pages of "secure development techniques" 3 Jun 2003
By "grumpychris" - Published on
When I saw this book at the local bookstore (one of only 10 PHP related books in stock), I thought, "Awesome! I've been looking for some more securing applications techniques." It turned out to be a big let down.
The book is roughtly 750 pages (large print), the first 50 or so was an introduction and gave a few bad examples vs. good examples of code (which was good, and actually made me think the rest of the book was going to be good), then jumped directly into "here's 650 pages worth of class based applications for you to use". The last 40-50 pages of the book was a chapter called something to the effect of "Optimizing and Securing PHP". Of the whole book, this was the most dissapointing aspect, split equally between the 2 topics. I thought the whole book was going to be about writing secure PHP, not just 20 pages.
Even the sample code they gave was in my opinion, poor. The author encouraged a strong misuse of OOP, having every single script have its own class dedicated to it. For example, one of the 50 "ready to use applications" was for handling users for their intranet. They wrote a class with methods for updating the user's information, adding a user, selecting the user's email address from the database, etc. The goal of OOP is to be abstract so that it can be used in more than one area, something the author didn't bother to learn before he wrote this book.
Even the optimizing portion of the last chapter was a big let down. It felt like there was really only one example of code optimization. The rest of the pages explained how to make a particular PEAR script do a speed test on your code. How is that supposed to help me if I'm not even certain how to write it more efficiently?
I'm not interested in a book that shovels me a bunch of code the author wrote. If I wanted free code, there's tons of sites out there for that. I want a book that's going to teach me how to think more securely and write more securely and think about the best/most optimized way to write a particular portion of code. Sadly, this book isn't it.
9 of 9 people found the following review helpful
1.0 out of 5 stars Not a good book 21 Jun 2004
By Andre Audet - Published on
I read the first Chapter of this book and that was enough to know that this book is no good. The examples are not well explained and when it comes to try the code, it doesn't work. Don't waste your money on this!
8 of 8 people found the following review helpful
1.0 out of 5 stars What's up with the Restrictive Software License? 26 May 2003
By John A. ODONOVAN - Published on
This looks like a good object-oriented framework for building PHP apps, but what is up with the restrictive license that accompanies the programming examples in the book? (see the back page of the book, and the license.txt file on the disk)
"You may not (i) rent or lease the Software, (ii) copy or reproduce the software through a LAN or other network system or through any computer subscriber system or bulletin- board system, or (iii) modify, adapt, or create derivative works based on the Software."
I've never seen a book try to restrice the programming examples in this way.
Stay away if you intend to build professional products. There are many other frameworks available for PHP OOP.
11 of 12 people found the following review helpful
1.0 out of 5 stars Spend your money on dinner instead of this headache 15 Jun 2004
By A Customer - Published on
The horror. The horror. This book is just a big disappointment. After 2 weeks of giving it a chance, I found out that there are several security holes in the php scripts. I will not reveal them here, but I will give you one hint: javascript. "Secure PHP Development"...yeah right. This book contains mostly cut and paste scripts that haven't even been reviewed. Lots of redundent functions and script errors. Even worse, it violates the most fundamental rule in programming. That is documentation. There are no documentation in the scripts. You will have to enter them yourself. Oh, by the way, this framework he designed doesn't run on windows. It is written for Linux, although when you buy it there are no obviouse hints to tell you this.
God help you if you buy it.
Were these reviews helpful?   Let us know
Search Customer Reviews
Only search this product's reviews

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
First post:
Prompts for sign-in

Search Customer Discussions
Search all Amazon discussions

Look for similar items by category