Pro PHP Security [electronic resource] / by Chris Snyder, Michael Southwell.
Contributor(s): Southwell, Michael [author.] | SpringerLink (Online service).Material type: BookPublisher: Berkeley, CA : Apress, 2005Description: XXVIII, 528 p. online resource.Content type: text Media type: computer Carrier type: online resourceISBN: 9781430200574.Subject(s): Computer science | Software engineering | Computer Science | Software Engineering/Programming and Operating SystemsAdditional physical formats: Printed edition:: No titleDDC classification: 005.1 Online resources: Click here to access online
|Item type||Current location||Call number||Status||Date due||Barcode|
|e-Books||Bangalore University Library||Available||BUSP001038|
The Importance of Security -- Why Is Secure Programming a Concern? -- Maintaining a Secure Environment -- Dealing with Shared Hosts -- Maintaining Separate Development and Production Environments -- Keeping Software Up to Date -- Using Encryption I: Theory -- Using Encryption II: Practice -- Securing Network Connections I: SSL -- Securing Network Connections II: SSH -- Controlling Access I: Authentication -- Controlling Access II: Permissions and Restrictions -- Practicing Secure PHP Programming -- Validating User Input -- Preventing SQL Injection -- Preventing Cross-Site Scripting -- Preventing Remote Execution -- Enforcing Security for Temporary Files -- Preventing Session Hijacking -- Practicing Secure Operations -- Allowing Only Human Users -- Verifying Your Users’ Identities -- Using Roles to Authorize Actions -- Adding Accountability to Track Your Users -- Preventing Data Loss -- Safely Executing System Commands -- Handling Remote Procedure Calls Safely -- Taking Advantage of Peer Review.
Pro PHP Security is one of the first books devoted solely to PHP security. It will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. The methods discussed are compatible with PHP versions 3, 4, and 5. The knowledge you'll gain from this comprehensive guide will help you prevent attackers from potentially disrupting site operation or destroying data. And you'll learn about various security measures, for example, creating and deploying "captchas," validating e-mail, fending off SQL injection attacks, and preventing cross-site scripting attempts.