TOC Step By Step Tutorial PHP Security


In this tutorial, you will learn about security in PHP, starting from scratch. This basic knowledge is needed from the moment you start building for the web. You will learn which factors affect the security of a site. In fact, a security weakness is sometimes caused by a weakness in the logic used by the programmer. This can be fatal. Logic errors cannot be covered by a firewall or other tools. For this reason, this tutorial gives you more information about PHP security. Let's get started!

CHAPTER 1 INPUT VALIDATION
1.1 Numeral Validation
1.2 String Validation
1.3 The Input That is Confusing
1.4 File Problems
CHAPTER 2 CROSS-SITE SCRIPTING
2.1 Encoding Solution
2.2 Handling the Attribute
2.3 Modify Filter
2.4 Strip_tags()
2.5 Environment Variables
CHAPTER 3 SQL INJECTION
3.1 Magic Quotes
3.2 The Data Type Accuracy
3.3 The FILE attack
3.4 SQL Error Handling
3.5 Include File
CHAPTER 4 CODE INJECTION
4.1 About Path
4.2 File Name
4.3 Eval
4.4 Dynamic Functions
4.5 Dynamic Variables
CHAPTER 5 SESSION SECURITY
5.1 Recognize the Visitor
5.2 Restrict the Access
5.3 Session Mechanism
5.4 Session Fixation
5.5 IP Address Validation
5.6 Timer Session
5.7 Combination with Cookies
CHAPTER 6 PHPSECURESITE
6.1 About phpSecureSite
6.2 phpSecureSite installation
6.3 Configuration
6.4 Database Configuration
6.5 Authentication Configuration
6.6 Log Configuration
6.7 Normal Modules Configuration
6.8 The Using Example
6.9 Protect the Page
6.10 Logout
CHAPTER 7 ACCESS CONTROL LIST
7.1 Preparing phpSS
7.2 Preparing Database
7.3 Make Login
7.4 Administration Page
7.5 User Administration
7.6 Group Administration
7.7 Group Administration from User
7.8 Module Administration
7.9 The Administration of the Group Access Right
7.10 The Administration of the User Access Right
7.11 Logout
7.12 User Page
CHAPTER 8 CAPTCHA
8.1 Problem Potential
8.2 Captcha is the Solution



Tag: php security. Category: PHP Security. Post: October 26th 2009. Read: 74,592
