Security is a topic to which one could devote an entire lifetime, and it is extremely difficult to distill all the possible things about which you might need to worry into a single chapter. We have instead attempted to instill in you a mindset or sense of process through which you can approach security.
Instead of thinking about specific problems as you learn about them, you should be thinking about securing your web applications right from the design phase. For every valid use of an application, there are likely to be 10 misuses. If we are constantly worried about these and anticipating them, then we are less surprised when they occur.
In this chapter, we have seen some of the major categories of threats we might face. We began our efforts to secure our web applications by looking at ways we could write our PHP scripts and SQL queries in a more secure manner.
In the next chapter, we look at securing the software and hardware on which our web applications run, from the web server and PHP to the database server and the hardware and networks we use.