News Feed
Jobs Feed
Sections




News Archive
Techie Talks Blog:
Building Secured Web Applications Using PHP - The Basics
by Chris Cornutt June 24, 2011 @ 11:06:11

On the Techie Talks blog today there's a post from Idrish Laxmidhar with a few simple reminders of things you can do to help with the basic security of your PHP applications, mostly surrounding filtering and escaping.

The list includes some of the basics like:

  • Avoiding $_REQUEST when possible because of the ambiguity of where the information could come from
  • Keep register_globals off (thankfully a default!)
  • Checking values for specific data types before using them
  • Filtering user input
  • Disabling the error output (turning down the reporting levels) on a production environment

For some more good recommendations on good security practices in PHP applications, check out this list or some of the recommendations from the PHP manual itself.

3 comments voice your opinion now!
security web application basics


blog comments powered by Disqus

Similar Posts

DynamicWebPages.de: PHP at LinuxTag 2006 - May 3rd-6th

Job Posting: Data Industries Seeks PHP Application Developers

Project: RIPS - Static Source Code Analyzer for Vulnerabilities in PHP Scripts

Bill Staples' Blog: IIS7 Patch for Windows Vista fixes CGI/PHP apps - multiple response headers

Padraic Brady's Blog: Zend Framework Blog Tutorial - Part 7: Authorisation with Zend_Acl & Styling


 Community Events











Don't see your event here?
Let us know!

functional language podcast conference development google opinion interview symfony2 phpunit appengine usergroup rest testing release zendframework2 series introduction community framework

All content copyright, 2013 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework