Essential PHP security
Being highly flexible in building dynamic, database-driven web applications makes the PHP programming language one of the most popular web development tools in use today. It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more we...
Main author: | |
---|---|
Format: | E-book |
Language: | English |
Published: | Beijing ; Sebastopol, California : O'Reilly 2006. |
Edition: | 1st edition |
Subjects: | |
View at Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627174606719 |
Table of Contents:
- Table of Contents; Foreword; Preface; What's Inside; Style Conventions; Comments and Questions; Safari Enabled; Acknowledgments; Introduction; PHP Features; Register Globals; Error Reporting; Principles; Defense in Depth; Least Privilege; Simple Is Beautiful; Minimize Exposure; Practices; Balance Risk and Usability; Track Data; Filter Input; Escape Output; Forms and URLs; Forms and Data; Semantic URL Attacks; File Upload Attacks; Cross-Site Scripting; Cross-Site Request Forgeries; Spoofed Form Submissions; Spoofed HTTP Requests; Databases and SQL; Exposed Access Credentials; SQL Injection
- Exposed Data; Sessions and Cookies; Cookie Theft; Exposed Session Data; Session Fixation; Session Hijacking; Includes; Exposed Source Code; Backdoor URLs; Filename Manipulation; Code Injection; Files and Commands; Traversing the Filesystem; Remote File Risks; Command Injection; Authentication and Authorization; Brute Force Attacks; Password Sniffing; Replay Attacks; Persistent Logins; Shared Hosting; Exposed Source Code; Exposed Session Data; Session Injection; Filesystem Browsing; Safe Mode; Configuration Directives; allow_url_fopen; disable_functions; display_errors; enable_dl
- error_reporting; file_uploads; log_errors; magic_quotes_gpc; memory_limit; open_basedir; register_globals; safe_mode; Functions; eval(); exec(); file(); file_get_contents(); fopen(); include; passthru(); phpinfo(); popen(); preg_replace(); proc_open(); readfile(); require; shell_exec(); system(); Cryptography; Storing Passwords; Using mcrypt; Storing Credit Card Numbers; Encrypting Session Data; Index