HOME SCALA & F# JAVA .NET WEB GROOVY & GRAILS ANDROID & IOS NOSQL ARCHITECTURE AGILE & SCRUM AGILE DEVELOPER  
Yahoo! Developer Network:PHP Security
PHP Security
In this Yahoo Developer Night Jose gives a talk on PHP Security, demonstrating the most common security issues, how to exploit them and how to protect an application against them. This is a great talk for anyone who writes web applications in PHP. The basic premise is that you automatically distrust any input that comes from the user.

Jose goes through all of the main hacking techniques used to break into PHP web applications and how dangerous it can be if your website contains any of the commonly exploited issues. The techniques illustrated are:

XSS (Cross Site Scripting) – Inserting content into a page

SQL Injection – Executing SQL statements on the server

File Uploads – Allowing the user to upload a file and how this can be exploited.

General configuration issues

Jose also illustrates how quickly a website can be broken if it’s not secure in relation to any of these techniques. The talk is very informative and useful to anyone involved in PHP applications. It definitely makes you think twice when dealing with user input.

ABOUT JOSE PALAZON
Jose Palazon (palako) is responsible for Mobile security worldwide at Yahoo!. He is 8+ years experienced in security advisory and...
More about Jose Palazon

ABOUT THE YAHOO! DEVELOPER NETWORK
The Yahoo! Developer Network offers Web Services and APIs that make it easy for developers to build applications and mashups. Yahoo! APIs let developers tap into Yahoo!'s world-class data and infrastructure to help power their businesses and integrate data sources in new ways, making the web a more useful and interesting place for everyone.
More about the Yahoo! Developer Network
PODCAST PHP SECURITY
SPONSORS
Yahoo! Developer Network
JAVASCRIPT & HTML5 COURSES
Brian Sletten's Semantic Web Technologies Bootcamp, BRIAN SLETTEN'S SEMANTIC WEB BOOTCAMP
Christophe Herreman & Roland Zwaga's Spring ActionScript course, CHRISTOPHE HERREMAN'S SPRING ACTIONSCRIPT COURSE
Damjan Vujnovic's Advanced JavaScript Workshop, DAMJAN VUJNOVIC'S ADVANCED JAVASCRIPT WORKSHOP
David A. Black's Ruby Bootcamp , DAVID A. BLACK'S RUBY BOOTCAMP
David Pollak's Lift Basics Workshop, DAVID POLLAK'S LIFT BASICS
Dmitry Buzdin's Advanced Google Web Toolkit: Large-Scale GWT Development, DMITRY BUZDIN'S ADVANCED GOOGLE WEB TOOLKIT
Dylan Schiemann's Application Development with Dojo Workshop, DYLAN SCHIEMANN'S DOJO APP DEVELOPMENT WORKSHOP
Dylan Schiemann's Richer Web Experiences with Dojo Workshop, DYLAN SCHIEMANN'S RICHER WEB EXPERIENCES WITH DOJO
Mark Birbeck's RDFa The Theory and Practice of Structured Data Publishing, MARK BIRBECK'S RDFA THEORY AND PRACTICE
Matthew Baxter-Reynolds' PhoneGap and jQuery Mobile course, MATTHEW BAXTER-REYNOLDS' PHONEGAP COURSE
Peter Lubbers' HTML5 “Fast Track” - IN NYC, PETER LUBBERS' HTML5 FAST TRACK COURSE
Peter Lubbers' HTML5 Performance, Communication, and WebSockets Training Course, PETER LUBBERS' HTML5 PERFORMANCE & WEBSOCKETS
Peter Lubbers' HTML5 “Fast Track” - IN LONDON, PETER LUBBERS' HTML5 “FAST TRACK”
Russel Winder's Python Workshop, RUSSEL WINDER'S PYTHON WORKSHOP
Typesafe's Fast Track to Play, TYPESAFE'S FAST TRACK TO PLAY
JAVASCRIPT & HTML5 PODCASTS
Russel Winder:Python is a High Performance Programming Language, High Performance Python
Russel Winder : 31st Jan 2012		 View Podcast: Python is a High Performance Programming Language,
Chris Adams:What's been happening in Wordpress , What's happening in Wordpress
Chris Adams : 19th Jan 2012		 View Podcast: What's been happening in Wordpress ,
Mark Mitchell:Wordpress Responsive Design, Wordpress Responsive Design
Mark Mitchell : 19th Jan 2012		 View Podcast: Wordpress Responsive Design,
Peter Westwood:Scaling WordPress, Scaling WordPress
Peter Westwood : 19th Jan 2012		 View Podcast: Scaling WordPress,
Dave Springgay :HTML5, Android Webview and java bridging, HTML5 & Android Webview
Dave Springgay : 19th Jan 2012		 View Podcast: HTML5, Android Webview and java bridging,
Jonathan Anthony :Titatnium & PhoneGap, Titatnium & PhoneGap...
Jonathan Anthony : 19th Jan 2012		 View Podcast: Titatnium & PhoneGap,
Andy Richardson:Trends and Patterns, Trends & Patterns
Andy Richardson : 10th Jan 2012		 View Podcast: Trends and Patterns,
Chris McGrath:I18n, I18n
Chris McGrath : 9th Jan 2012		 View Podcast: I18n,
Joe Corcoran:Judge: Client side form validation for Rails 3, Judge
Joe Corcoran : 9th Jan 2012		 View Podcast: Judge: Client side form validation for Rails 3,
Christian Heilmann:Rethinking User Registration with BrowserID, BrowserID
Christian Heilmann : 13th Dec 2011		 View Podcast: Rethinking User Registration with BrowserID,
:Usable APIs, Usable APIs
: 12th Dec 2011		 View Podcast: Usable APIs,
:Hypermedia as the Engine of Application State, HATEOS
: 12th Dec 2011		 View Podcast: Hypermedia as the Engine of Application State,
Chris O Davies:Introduction to User Group and Heroku, Heroku platform
Chris O Davies : 5th Dec 2011		 View Podcast: Introduction to User Group and Heroku,
Nicola Tassini:Deploying Java Apps to Heroku, Deploying Java Apps to Heroku
Nicola Tassini : 5th Dec 2011		 View Podcast: Deploying Java Apps to Heroku,
John Beynon:The Why, What and How of Heroku, The Why, What and How of Heroku
John Beynon : 5th Dec 2011		 View Podcast: The Why, What and How of Heroku,
OTHER JAVASCRIPT & HTML5 EVENTS
Official RNIB Accessibility Hackathon, Official RNIB Accessibility Hackathon
CONFERENCE (2 DAYS)
London, Saturday, February 11th BOOK NOW!
Russel Winder:Russel Winder's Python Workshop, Russel Winder's Python Workshop
4 DAY COURSE. Featuring Russel Winder
London, Monday, February 13th
Damjan Vujnovic Coding Kata, Coding Kata
FREE EVENT: In The Brain of Damjan Vujnovic
London, Wednesday, February 15th
London Ruby User Group:LRUG Feb Lightning Talks, London Ruby User Group
FREE EVENT: LRUG lightning
London, Tuesday, February 21st
QCon London 2012, QCon London 2012
CONFERENCE (3 DAYS)
London, Wednesday, March 7th BOOK NOW!
Elevate Events:Elevate Launch Event, Elevate Events
FREE EVENT: elevate-launch-event
London, Wednesday, March 7th
London Ajax User Group:This is Dart , London Ajax User Group
FREE EVENT: Dart
London, Tuesday, March 13th
Peter Lubbers:Peter Lubbers' HTML5 “Fast Track” - IN NYC, Peter Lubbers' HTML5 Fast Track Course
2 DAY COURSE. Featuring Peter Lubbers
New York, Wednesday, March 14th
© Copyright 2003-2011, Skills Matter Ltd
  Web development by You In Control
About Us  Jobs  Find Us  Meeting & Training Rooms  Newsletter  Jobs: Sales Executive  Jobs: Student SkillsCaster  jobs - junior event coordinator  Speed Coding 2011  Open Source Journal  Ticket Raffle  Agile Expert Series  Jobs: Sponsorship Development  jobs: Marketing & Sales Graduate Internship