PHPDeveloper.org: Zend Developer Zone: PHP Security Tips #6 and #7

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

Job Posting: TEKSystems (Recruiter) Seeks PHP Web Application Developers (Tampa, FL)

Job Posting: Quinstreet, Inc. Seeks Sr. PHP Developer (Foster City, CA)

Job Posting: WideEye Interactive/Moroch Advertising Seeks Web Developer (Dallas, TX)

Job Posting: Project People Ltd (Recruiter) Seeks PHP Developer (Paris, France)

Job Posting: Snelling (Recruiter) Seeks Web Programmer (Boston, MA)

Job Posting: Veedow Seeks Senior PHP Developer/Architect (London, UK)

Job Posting: Apex Systems (Recruiter) Seeks PHP Web Developers (Tampa, FL)

Job Posting: WordStream Seeks Web Application Developer (Needham, MA)

Job Posting: JS Creative Seeks Web Developer (Atlanta, GA)

Job Posting: Kodak Graphic Communications Group Seeks PHP Application Developer (Stamford, CT)

News Archive

Till's Blog: ZendFramework (performance) II

Sebastian Bergmann's Blog: Freezing and Thawing PHP Objects

Jani Hartikainen's Blog: NetBeans 6.5 review (with PHP support)

Rob Allen's Blog: File uploads with Zend_Form_Element_File

PHPro.org: Calculate Friday The 13th With Datetime Class

Marco Tabini's Blog: It turns out, I was wrong

Community News: Latest PEAR Releases for 12.01.2008

Site News: Job Postings for the week of 11.23.2008

KillerPHP.com: Creating a Wordpress Theme from Scratch (Video)

Chris Hartjes' Blog: Handling Multiple Environments In Your PHP Application

Zend Developer Zone:
PHP Security Tips #6 and #7

by Chris Cornutt March 12, 2007 @ 11:38:00

Continuing in their security theme for the month of March, the Zend Developer Zone has posted two more Security Tips for PHP developers out there:

The first tip (#6 on their list) talks about the benefits of casting all of the values going in to your SQL queries. This helps keep you and your data away from things like nasty SQL injection issues that could result in exposure of valuable data.
The second tip (#7) focuses on regeneration of session IDs to help prevent fixation. They give an example of how, without it, you could inadvertently allow in unauthorized users. Thankfully, one quick function call can remedy the situation - session_regenerate_id.

Check out their full list for more great tips.

0 comments voice your opinion now!
security tip session fixation sql injection cast query security tip session fixation sql injection cast query

Similar Posts

Greg Beaver's Blog: Mac OS X ships with security hole-laden PEAR - how to upgrade immediately

Stefan Mischook's Blog: SQL insert statements in PHP

PHPit.net: Taking a first look at the AutoCRUD for PHP library

PHPEverywhere: New Improved Yummy ADOdb Session Handler

Sebastian Bergmann's Blog: SQL Puzzle

Community Events

Don't see your event here?
Let us know!

All content copyright, 2008 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework