Essential PHP Security a Must Read

Chris Shiflett’s latest book, Essential PHP Security, should be required reading for all PHP professionals. It is the necessary antidote to the common misperception that PHP applications fall short on security. With sparkling clarity, Chris demystifies dozens of attacks and provides both solid theoretical and practical bases for coding securely in PHP. Throughout his work as a PHP security consultant, and culminating in this book, Chris has defined the lexicon for web security–telling us precisely what it means to filter input, and precisely what it means to escape output–as well as when, how and why. This is nothing short of a seminal work on web application security as it applies specifically to PHP. I intend to make it required reading in my department, and recommend it highly to colleagues in other companies developing web applications in PHP.
While this book does not cover using encoders (like the Zend Encoder or IonCube Encoder) to heighten security in a plain-text scripting language, every other topic you would expect to be covered is treated–above all–with accuracy, and all in just over a hundred pages. Where other authors might pontificate to fill pages, Chris crafted this book to live up to its title–it is indeed essential, distilled, and precise. Therefore, there is little excuse from this point on not to have read it at least once, and to thumb through it from time to time when developing or auditing a PHP application.

3 Comments

  1. Posted October 28, 2005 at 12:35 am | Permalink

    Thanks for the positive feedback, Robert. Glad to hear you liked it. :-)

  2. Posted November 8, 2005 at 1:06 am | Permalink

    Just published last month by O’Reilly and Associates is Chris Shiflett’s Essential PHP Security. Chris is a well-known expert, author and consultant in the field of PHP development, and his focus is squarely on building robust and secure PHP applications.

  3. Posted December 7, 2005 at 12:13 am | Permalink

    The companion website to Chris Shiflett’s important book on PHP security is now available. I was surprised and pleased to see a quote from one of my own reviews listed as an endorsement on the site. I stand by what I said: this book is an important contri
