Essential PHP Security (Paperback)

Chris Shiflett

  • 出版商: O'Reilly
  • 出版日期: 2005-11-22
  • 售價: $1,150
  • 貴賓價: 9.5$1,093
  • 語言: 英文
  • 頁數: 126
  • 裝訂: Paperback
  • ISBN: 059600656X
  • ISBN-13: 9780596006563
  • 相關分類: PHP資訊安全
  • 海外代購書籍(需單獨結帳)



Being highly flexible in building dynamic, database-driven web applications makes the PHP programming language one of the most popular web development tools in use today. It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more web sites are developed in PHP, they become targets for malicious attackers, and developers need to prepare for the attacks.

Security is an issue that demands attention, given the growing frequency of attacks on web sites. Essential PHP Security explains the most common types of attacks and how to write code that isn't susceptible to them. By examining specific attacks and the techniques used to protect against them, you will have a deeper understanding and appreciation of the safeguards you are about to learn in this book.

In the much-needed (and highly-requested) Essential PHP Security, each chapter covers an aspect of a web application (such as form processing, database programming, session management, and authentication). Chapters describe potential attacks with examples and then explain techniques to help you prevent those attacks.

Topics covered include:

  • Preventing cross-site scripting (XSS) vulnerabilities
  • Protecting against SQL injection attacks
  • Complicating session hijacking attempts

You are in good hands with author Chris Shiflett, an internationally-recognized expert in the field of PHP security. Shiflett is also the founder and President of Brain Bulb, a PHP consultancy that offers a variety of services to clients around the world.



考慮到網站遭受攻擊的頻率不斷增加,安全性是一個需要關注的問題。《Essential PHP Security》解釋了最常見的攻擊類型以及如何編寫不易受攻擊的程式碼。通過研究具體的攻擊和防護技術,您將對本書中即將學習的安全措施有更深入的理解和欣賞。

在這本《Essential PHP Security》中,每一章都涵蓋了網頁應用程式的一個方面(如表單處理、資料庫程式設計、會話管理和身份驗證)。章節描述了潛在的攻擊並提供示例,然後解釋了防止這些攻擊的技術。

- 預防跨網站指令碼(XSS)漏洞
- 保護免受SQL注入攻擊
- 複雜化會話劫持嘗試

作者Chris Shiflett是PHP安全領域的國際知名專家,您可以放心地閱讀本書。Shiflett還是Brain Bulb的創始人兼總裁,該公司是一家提供各種服務給全球客戶的PHP諮詢公司。