Flylib.com
Essential PHP Security
Essential PHP Security
ISBN: 059600656X
EAN: 2147483647
Year: 2005
Pages: 110
Authors:
Chris Shiflett
BUY ON AMAZON
Essential PHP Security
Table of Contents
Copyright
Foreword
Preface
What s Inside
Style Conventions
Comments and Questions
Safari Enabled
Acknowledgments
Chapter 1. Introduction
Section 1.1. PHP Features
Section 1.2. Principles
Section 1.3. Practices
Chapter 2. Forms and URLs
Section 2.1. Forms and Data
Section 2.2. Semantic URL Attacks
Section 2.3. File Upload Attacks
Section 2.4. Cross-Site Scripting
Section 2.5. Cross-Site Request Forgeries
Section 2.6. Spoofed Form Submissions
Section 2.7. Spoofed HTTP Requests
Chapter 3. Databases and SQL
Section 3.1. Exposed Access Credentials
Section 3.2. SQL Injection
Section 3.3. Exposed Data
Chapter 4. Sessions and Cookies
Section 4.1. Cookie Theft
Section 4.2. Exposed Session Data
Section 4.3. Session Fixation
Section 4.4. Session Hijacking
Chapter 5. Includes
Section 5.1. Exposed Source Code
Section 5.2. Backdoor URLs
Section 5.3. Filename Manipulation
Section 5.4. Code Injection
Chapter 6. Files and Commands
Section 6.1. Traversing the Filesystem
Section 6.2. Remote File Risks
Section 6.3. Command Injection
Chapter 7. Authentication and Authorization
Section 7.1. Brute Force Attacks
Section 7.2. Password Sniffing
Section 7.3. Replay Attacks
Section 7.4. Persistent Logins
Chapter 8. Shared Hosting
Section 8.1. Exposed Source Code
Section 8.2. Exposed Session Data
Section 8.3. Session Injection
Section 8.4. Filesystem Browsing
Section 8.5. Safe Mode
Appendix A. Configuration Directives
Section A.1. allow_url_fopen
Section A.2. disable_functions
Section A.3. display_errors
Section A.4. enable_dl
Section A.5. error_reporting
Section A.6. file_uploads
Section A.7. log_errors
Section A.8. magic_quotes_gpc
Section A.9. memory_limit
Section A.10. open_basedir
Section A.11. register_globals
Section A.12. safe_mode
Appendix B. Functions
Section B.1. eval( )
Section B.2. exec( )
Section B.3. file( )
Section B.4. file_get_contents( )
Section B.5. fopen( )
Section B.6. include
Section B.7. passthru( )
Section B.8. phpinfo( )
Section B.9. popen( )
Section B.10. preg_replace( )
Section B.11. proc_open( )
Section B.12. readfile( )
Section B.13. require
Section B.14. shell_exec( )
Section B.15. system( )
Appendix C. Cryptography
Section C.1. Storing Passwords
Section C.2. Using mcrypt
Section C.3. Storing Credit Card Numbers
Section C.4. Encrypting Session Data
About the Author
Colophon
Index
SYMBOL
A
B
C
D
E
F
G
H
I
L
M
N
O
P
Q
R
S
T
U
V
Essential PHP Security
ISBN: 059600656X
EAN: 2147483647
Year: 2005
Pages: 110
Authors:
Chris Shiflett
BUY ON AMAZON
Absolute Beginner[ap]s Guide to Project Management
Qualities of Successful Project Managers
Managing the Risk, Managing the Estimates
Controlling a Project
Leveraging Earned Value Management Concepts
Three Key Principles
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
Configuring Intracluster IP Phone Communication
Configuring Hunt Groups and Call Coverage
Implementing Telephony Call Restrictions and Control
Softkey Templates
Systematic Software Testing (Artech House Computer Library)
Analysis and Design
The Software Tester
The Test Manager
Appendix B Testing Survey
Appendix F Process Diagrams
Service-Oriented Architecture (SOA): Concepts, Technology, and Design
Fundamental SOA
The Evolution of SOA
Service-Oriented Analysis (Part I: Introduction)
WS-Coordination overview
Fundamental WS-* Extensions
Quantitative Methods in Project Management
Organizing and Estimating the Work
Making Quantitative Decisions
Risk-Adjusted Financial Management
Quantitative Time Management
Quantitative Methods in Project Contracts
MPLS Configuration on Cisco IOS Software
Frame-Mode MPLS
Case Study-Hub and Spoke MPLS VPN Network Using BGP PE-CE Routing for Sites Using Unique AS Numbers
Option 2: Inter-Provider VPNs Using ASBR-to-ASBR Approach
Local Switching
Case Study 7: Implementing Hub and Spoke Topologies with OSPF
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies