|
|
Yahoo! Developer Network:PHP Security
PHP Security
In this Yahoo Developer Night Jose gives a talk on PHP Security, demonstrating the most common security issues, how to exploit them and how to protect an application against them. This is a great talk for anyone who writes web applications in PHP. The basic premise is that you automatically distrust any input that comes from the user.
Jose goes through all of the main hacking techniques used to break into PHP web applications and how dangerous it can be if your website contains any of the commonly exploited issues. The techniques illustrated are:
XSS (Cross Site Scripting) Inserting content into a page
SQL Injection Executing SQL statements on the server
File Uploads Allowing the user to upload a file and how this can be exploited.
General configuration issues
Jose also illustrates how quickly a website can be broken if its not secure in relation to any of these techniques. The talk is very informative and useful to anyone involved in PHP applications. It definitely makes you think twice when dealing with user input.
ABOUT JOSE PALAZON
|
Jose Palazon (palako) is responsible for Mobile security worldwide at Yahoo!. He is 8+ years experienced in security advisory and...
More about Jose Palazon
|
ABOUT THE YAHOO! DEVELOPER NETWORK
|
The Yahoo! Developer Network offers Web Services and APIs that make it easy for developers to build applications and mashups. Yahoo! APIs let developers tap into Yahoo!'s world-class data and infrastructure to help power their businesses and integrate data sources in new ways, making the web a more useful and interesting place for everyone.
More about the Yahoo! Developer Network
|
|
|
|
|
|
© Copyright 2003-2013, Skills Matter Ltd
|
|
|
