Customer Reviews


12 Reviews
5 star:
 (6)
4 star:
 (4)
3 star:
 (1)
2 star:
 (1)
1 star:    (0)
 
 
 
 
 
Average Customer Review
Share your thoughts with other customers
Create your own review
 
 

The most helpful favourable review
The most helpful critical review


22 of 23 people found the following review helpful
5.0 out of 5 stars Essential reading
We've probably all heard about sql injections, cross side scripting, session hi-jacking and other security issues in PHP, and this book explains what they are, how they happen and how to combat them. More than that though, you'll learn best practices for writing secure php pages.
One of the things I liked about this book is that you don't need to be...
Published on 13 Nov 2005 by Studland

versus
2 of 3 people found the following review helpful
2.0 out of 5 stars Not worth to read. Data is out od date.
The described security problems was reasonable 10 years ago and nearly all these problems was solved 5-10 years ago.

Better follow latest release reviews in order to learn security vulnerability.
Published 18 months ago by Vitas


‹ Previous | 1 2 | Next ›
Most Helpful First | Newest First

22 of 23 people found the following review helpful
5.0 out of 5 stars Essential reading, 13 Nov 2005
This review is from: Essential PHP Security (Paperback)
We've probably all heard about sql injections, cross side scripting, session hi-jacking and other security issues in PHP, and this book explains what they are, how they happen and how to combat them. More than that though, you'll learn best practices for writing secure php pages.
One of the things I liked about this book is that you don't need to be sat next to your PC to read it. Though it has many nice and clear code examples, it's mainly about principles and theory. Excellent to have on the bedside table.
It isn't a very thick book, but is written in a clear and accessible style, and I found myself going 'aha' all the way through. I read it quickly but have a feeling that I'll return to it often until all those best practices are memorised and I'm 'doing' them.
Worth buying? Definitely. This book should be on every serious PHP programmer's bookshelf.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


2 of 2 people found the following review helpful
4.0 out of 5 stars Very informative, best practices, 12 Feb 2007
By 
Rene Gundersen (Denmark) - See all my reviews
(REAL NAME)   
This review is from: Essential PHP Security (Paperback)
This book is very good, and absolutely recommandable.

The book is not very big (~100 pages) and can be read quite fast. It's also an easy read, as the language in the book is not hard as some other technical books might be. The explanations are good, and easy to understand, as well as the reasoning.

I enjoyed this book, and it's a great reference. It's size also allows you to read it again (And that's a great idea - Helps you to remember) to get the most out of the book.

The author knows what he talks about, and his advice really makes sense. You might already be aware of some of the concepts, such as filtering input etc, but Chris explains really well the ideas behind such concepts, and gives great examples of what can go wrong if you fail to follow the simple principles given.

All in all, this is a great book that really helps you, by teaching you best practices from a very experienced web-developer.

And the book is really great as a reference.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


12 of 14 people found the following review helpful
5.0 out of 5 stars 8 chapters. 30 exploits. Impossibly small, 6 Sep 2006
By 
Miha Hribar (Ljubljana, Slovenia) - See all my reviews
(REAL NAME)   
This review is from: Essential PHP Security (Paperback)
We've all written unsecure code. Then tried to circumvent our weak security measures. It made us better programmers, and made us sleep better knowing our applications were safe. But there is just so far your imagination can go, while thinking up ways to get inside your perfectly secure system.

Essential PHP Security by Chris Shiflett brings you those ideas in a book that looks rather, well small. We've all gotten used to those big, heavy, shelf bending computer books, but this one has just 124 pages. Allow me to get a bit poetic: Don't judge the book by its covers, or rather by the number of pages. This book is the essential reading for all PHP developers, professional and hobbyist alike. It is one of those books that will not get outdated and will be referenced on a daily basis.

I really enjoyed reading this book. It made me realize that some of my approaches were a bit misslead, but mostly solidified my way of coding. And that is really what I was looking to get out of this book.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


3 of 4 people found the following review helpful
4.0 out of 5 stars Useful, structured, collection of advice, 12 Jun 2006
By 
Stephen Hampshire (Huddersfield, UK) - See all my reviews
(VINE VOICE)    (REAL NAME)   
Verified Purchase(What is this?)
This review is from: Essential PHP Security (Paperback)
Probably nothing new here for most PHP programmers, but it's nice to have it all collected in one place.

The structure is also cleverly thought out, dealing chapter by chapter with specific types of activity (e.g. forms, databases, sessions etc).

It's a thin book for the money, but much clearer than anything less specialist I've come across. Thin enough that you can check through all of it before your site goes live - just in case!
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


4.0 out of 5 stars An essential checklist, but there is more ..., 31 Oct 2011
By 
Verified Purchase(What is this?)
This review is from: Essential PHP Security (Paperback)
This book is by no means a tome and was probably written for kindle first.

That said, it highlights a lot of the important concepts of filter input and escape output. If you do that, you've probably covered 85% of the problems.

The book also covers cookie interception and SQL injection, but the Internet will also give the same.

It won't take long to read the book, but perhaps as long as your code is written with 'security in depth' again you're most of the way there.

Given four stars for what's in the book, but more guidance and examples would have been welcome.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars compact but perfect, 24 Feb 2011
By 
Scott (Aberdeen, United Kingdom) - See all my reviews
(REAL NAME)   
Verified Purchase(What is this?)
This review is from: Essential PHP Security (Paperback)
One of the problems with computing books tends to be they ramble on, and on and on.... But not this one. It short, very short. But perfect for that. It doesn't tell you about the history of PHP, it doesn't sell PHP as a scripting language, it tells shows you how to protect your site from being attacked. It's not an in depth security book, it's a very practical guide to help you a developer build (and maintain) a site in a secure way. Nothing more nothing less, if you ever use PHP buy this book, and spend an afternoon reading it, then the next week fixing the holes in what you thought was a secure site.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars Small in Size but Pure Gold, 25 July 2010
By 
John G. Dyke (Pentyrch) - See all my reviews
(REAL NAME)   
Verified Purchase(What is this?)
This review is from: Essential PHP Security (Paperback)
I was disappointed when I opened my Amazon package to find this slim book (100+pages). However, the content is pure gold. If you write PHP scripts you should read this book. I attended a two day course on PHP security which was very good but I can say unequivocally that this book is much much better. Having read the book its size is an advantage.

It has a practical approach to the problem and examples to illustrate the common security holes in PHP scripts and how to prevent them. There is no extraneous material and security issues are described in a concise way making it easy to follow. Examples are available on the books website (in common with most O'Reilly books)

Read this book before writing a PHP script, during and afterwards. Have it to hand: it is a vade mecum of PHP security. Reading and applying the knowledge within its covers could save you hours of time undoing a hack on your website and database.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


4.0 out of 5 stars Security advice that is useful for non-PHP programers too, 24 Oct 2009
Verified Purchase(What is this?)
This review is from: Essential PHP Security (Paperback)
I've found this book useful because it explained to me how certain vulnerabilities can arise. That is handy to know whatever language you are writing in. The solutions the author suggests can also be employed outside of PHP.

I agree with most of the comments of the other reviewers so I won't bore you by repeating them.

It may only be 100 pages but it's well worth the price if you need educating about web security.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars Absolutely Essential, 13 Dec 2007
By 
D. Hickling (London, UK) - See all my reviews
(REAL NAME)   
This review is from: Essential PHP Security (Paperback)
If you've done a bit of PHP programming, or have used any other online scripting languages, but have never considered the security implications, this book is essential. The threats are jaw-droppingly simple, but so are their fixes, and the principles remain for other technologies too. The techniques will also improve the integrity of your data and ensure that you consider security in the design process of your applications.

The book is lean and quick to read, the content is aimed at reasonably knowledgeable programmers, but there is nothing here that can't be easily researched. All the issues are illustrated with short, relevant examples and code, which makes a change from most programming books. The author also maintains his own website to ensure that readers can remain updated on problems for the foreseeable future. Overall, this is essential stuff and great value.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


2 of 3 people found the following review helpful
2.0 out of 5 stars Not worth to read. Data is out od date., 14 Feb 2013
Verified Purchase(What is this?)
The described security problems was reasonable 10 years ago and nearly all these problems was solved 5-10 years ago.

Better follow latest release reviews in order to learn security vulnerability.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


‹ Previous | 1 2 | Next ›
Most Helpful First | Newest First

This product

Essential PHP Security
Essential PHP Security by Chris Shiflett (Paperback - 23 Oct 2005)
13.01
In stock
Add to basket Add to wishlist
Only search this product's reviews