Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses (Expert's Voice in Open Source) [Kindle Edition]

Chris Snyder, Thomas Myer, Michael Southwell

Kindle price: EUR 29,82, incl. VAT and free wireless delivery via Amazon Whispernet

Other editions

Amazon price:
Kindle Edition: EUR 29,82
Paperback: EUR 52,38

PHP security, just like PHP itself, has advanced. Updated for PHP 5.3, the second edition of this authoritative PHP security book covers foundational PHP security topics like SQL injection, XSS, user authentication, and secure PHP development. Chris Snyder and Tom Myer also delve into recent developments like mobile security, the impact of JavaScript, and the advantages of recent PHP hardening efforts.

Pro PHP Security, Second Edition will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. Beginners in secure programming will find a lot of material on secure PHP development, the basics of encryption, secure protocols, as well as how to reconcile the demands of server-side and web application security.

What you’ll learn

  • Secure PHP development principles

  • PHP web application security

  • User and file security

  • Mobile security

  • Encryption and secure protocols

  • Dealing with JavaScript

Who this book is for

Pro PHP Security appeals to all intermediate and advanced PHP programmers who need to keep websites safe. It also contains material of interest to all who are concerned with web application security.

Table of Contents

  1. Why Is Secure Programming a Concern?

  2. Validating and Sanitizing User Input

  3. Preventing SQL Injection

  4. Preventing Cross-Site Scripting

  5. Preventing Remote Execution

  6. Enforcing Security for Temporary Files

  7. Preventing Session Hijacking

  8. Securing REST Services

  9. Using CAPTCHAs

  10. User Authentication, Authorization, and Logging

  11. Preventing Data Loss

  12. Safe Execution of System and Remote Procedure Calls

  13. Securing Unix

  14. Securing Your Database

  15. Using Encryption

  16. Securing Network Connections: SSL and SSH

  17. Final Recommendations

About the Author and Other Contributors

Chris Snyder is a software engineer at Fund for the City of New York, where he helps develop next-generation websites and services for nonprofit organizations. He is a member of the Executive Board of New York PHP, and has been looking for new ways to build scriptable, linked, multimedia content since he saw his first Hypercard stack in 1988.


Most helpful customer reviews (beta): 4.1 out of 5 stars, 7 reviews

5 of 5 customers found the following review helpful
4.0 out of 5 stars: Great book on security (June 1, 2011)
By A Golden Eagle
This was a pretty solid book on PHP web application security, and should be a part of any PHP developer's library. The author gives detailed descriptions of the most common ways in which your application can be attacked, and gives well thought out examples of how to guard against them. Here are some of the topics that you'll learn about in the book:

- SQL injection: This book gives a great overview of what SQL injection is, how to identify vulnerabilities, how to fix them, and how to test your application
- Cross-site scripting: This was a good one for me. Much of the documentation on XSS is pretty vague. The authors did a good job of providing several detailed examples of cross-site scripting attacks, and how to defend against them.
- Validating and Sanitizing input: The authors really stress the importance of validating and sanitizing any input that comes into your application. They give examples of how to create validation libraries. However, one of my main disappointments with the book was that they failed to discuss PHP's filter_var functionality.
- Captchas: What they are and how to implement them.
- Securing RESTful services: Restricting access, authenticating and authorizing requests, and enforcing quotas and rate limits.
- How to secure UNIX
- How to secure your database
- Encryption: The authors discuss keeping your passwords safe by hashing, and how to protect other sensitive data by symmetrical or asymmetrical encryption
- SSL and SSH: Securing network connections via SSL and SSH. How to generate certificates and keys.
- Securing shared hosting
- Keeping production and development environments separate
- Keeping software up to date

These are just some of the focus areas of this book. It provides even more interesting and valuable information. While this book won't make you a security expert, it will put you well on the path of proper security-minded PHP coding.

5 of 6 customers found the following review helpful
4.0 out of 5 stars: I enjoy the second edition (January 26, 2011)
By Amazon Customer
As a PHP web developer, I highly recommend this book to anyone who uses PHP as part of their daily web programming tools. It is really difficult to find a book that focuses only on PHP security from different approaches. Fortunately, this book contains all the security perspectives related to PHP.
If you bought the first edition of this book, you might be disappointed with how it was organized in the first edition; however, the second edition of this book will change your opinion forever. It is easy to follow, and the authors focus on only one specific area per chapter; as a result, it allows readers to focus on the specific security areas where they either are not aware of the problems or want to get more in-depth detail.
Overall, I think this book is not only good for seasonal PHP programmers, since they may only need some parts of the security topics that relate to their current projects, but also good for experienced PHP programmers, since they can use this book as a reference.
I do not think this book is good for programmers who are just starting to learn the PHP language, since most of the topics in this book are for people who have worked in PHP for a few years.

5.0 out of 5 stars: Awesome read (February 19, 2014)
By Maureenfind
Format: Kindle Edition | Verified Purchase
Great book with code included for tacking down major security design and implementation issues.
PHP must-have for any beginning coder.

5.0 out of 5 stars: Pro PHP security (October 16, 2012)
By Maxtor09
Format: Paperback | Verified Purchase
Clear and complete, easy to read with nice code examples. I really recommend this book. Thanks to the author!

5.0 out of 5 stars: Thorough and well-written. (July 23, 2014)
By Rebecca Adamson
Format: Paperback | Verified Purchase
Covered everything I need to know, and more.