
NetTuts.com:
Best Practices When Working With Sensitive Data: Securing Your Application
Jul 21, 2014 @ 10:27:07

The NetTuts.com site has a new tutorial posted today sharing some tips about working with sensitive data in your applications and steps to secure it.

In my previous article, I showed you how to protect your server from attacks and malicious software. This part will focus completely on the third layer of security - your application itself. So here, I will show you techniques that you can use to protect your application from attacks and intrusions.

There are three main topics covered here, each with a few subpoints and some code examples:

  • Using a Database
  • Use a Salt When Hashing
  • POSIX: Drop Privileges When You Don't Need Them

tagged: secure data application tutorial sensitive

Link: http://code.tutsplus.com/tutorials/best-practices-when-working-with-sensitive-data-securing-your-application--cms-21719

Lorna Mitchell's Blog:
Locale-Sensitive Dates in PHP
Nov 05, 2008 @ 08:48:44

Lorna Mitchell shares a quick code snippet she's worked up to make handling locale-sensitive dates in PHP a bit easier (via the strftime function).

I needed dates like "Donderdag 23 Oktober", and I was sure PHP should know how to do this without me creating arrays for days of the week and months of the year. With some help from my friend (thanks Derick) I discovered that there is a date function in PHP that takes into account the locale of the script, called strftime.

Her code snippet shows how to set the correct locale (in her case, nl_NL with a UTF-8 encoding) and how to return a formatted string based on formatting characters (much like printf/sprintf).

tagged: local sensitive date setlocalte strftime tutorial

Link:

Zend Developer Zone:
PHP Security Tips #8 & #9
Mar 13, 2007 @ 12:53:00

The Zend Developer Zone has the latest two of their security tips posted today - numbers #8 and #9 - in their "PHP Security Tips" series.

  • In tip #8, they restate and reinforce a topic that's worth repeating - validating user input. They use the filter_var function as a simple, light way to start filtering your user's input.
  • Tip #9 suggests that you keep anything sensitive, anything at all that needs to be kept away from prying eyes, outside of your document root of the site.

You can check out more on these tips and lots of others in their full list of tips.

tagged: securitytip user input filter sensitive data web tree

Link:
