Chapter 4. Security
With more and more personal information being stored on the Web—credit card data, social security numbers, maiden names—today's PHP developer cannot afford to be ignorant about security.
Security is a battle, not between programmers and hackers (or crackers), but between what you would like your site to do and what is safe for it to do. The most secure Web site would not use PHP or CGI or have HTML forms. But then it wouldn't be very interesting, either. It's my contention that the responsibility of the Web developer is to stay informed and understand when compromises are being made and what the possible ramifications of those compromises are, not necessarily to strive in vain for the unattainable, perfectly secure application. ...
Get PHP Advanced for the World Wide Web: Visual QuickPro Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.