Flylib.com
Essential PHP Security
Essential PHP Security
ISBN: 059600656X
EAN: 2147483647
Year: 2005
Pages: 110
Authors:
Chris Shiflett
BUY ON AMAZON
Essential PHP Security
Table of Contents
Copyright
Foreword
Preface
What s Inside
Style Conventions
Comments and Questions
Safari Enabled
Acknowledgments
Chapter 1. Introduction
Section 1.1. PHP Features
Section 1.2. Principles
Section 1.3. Practices
Chapter 2. Forms and URLs
Section 2.1. Forms and Data
Section 2.2. Semantic URL Attacks
Section 2.3. File Upload Attacks
Section 2.4. Cross-Site Scripting
Section 2.5. Cross-Site Request Forgeries
Section 2.6. Spoofed Form Submissions
Section 2.7. Spoofed HTTP Requests
Chapter 3. Databases and SQL
Section 3.1. Exposed Access Credentials
Section 3.2. SQL Injection
Section 3.3. Exposed Data
Chapter 4. Sessions and Cookies
Section 4.1. Cookie Theft
Section 4.2. Exposed Session Data
Section 4.3. Session Fixation
Section 4.4. Session Hijacking
Chapter 5. Includes
Section 5.1. Exposed Source Code
Section 5.2. Backdoor URLs
Section 5.3. Filename Manipulation
Section 5.4. Code Injection
Chapter 6. Files and Commands
Section 6.1. Traversing the Filesystem
Section 6.2. Remote File Risks
Section 6.3. Command Injection
Chapter 7. Authentication and Authorization
Section 7.1. Brute Force Attacks
Section 7.2. Password Sniffing
Section 7.3. Replay Attacks
Section 7.4. Persistent Logins
Chapter 8. Shared Hosting
Section 8.1. Exposed Source Code
Section 8.2. Exposed Session Data
Section 8.3. Session Injection
Section 8.4. Filesystem Browsing
Section 8.5. Safe Mode
Appendix A. Configuration Directives
Section A.1. allow_url_fopen
Section A.2. disable_functions
Section A.3. display_errors
Section A.4. enable_dl
Section A.5. error_reporting
Section A.6. file_uploads
Section A.7. log_errors
Section A.8. magic_quotes_gpc
Section A.9. memory_limit
Section A.10. open_basedir
Section A.11. register_globals
Section A.12. safe_mode
Appendix B. Functions
Section B.1. eval( )
Section B.2. exec( )
Section B.3. file( )
Section B.4. file_get_contents( )
Section B.5. fopen( )
Section B.6. include
Section B.7. passthru( )
Section B.8. phpinfo( )
Section B.9. popen( )
Section B.10. preg_replace( )
Section B.11. proc_open( )
Section B.12. readfile( )
Section B.13. require
Section B.14. shell_exec( )
Section B.15. system( )
Appendix C. Cryptography
Section C.1. Storing Passwords
Section C.2. Using mcrypt
Section C.3. Storing Credit Card Numbers
Section C.4. Encrypting Session Data
About the Author
Colophon
Index
SYMBOL
A
B
C
D
E
F
G
H
I
L
M
N
O
P
Q
R
S
T
U
V
Essential PHP Security
ISBN: 059600656X
EAN: 2147483647
Year: 2005
Pages: 110
Authors:
Chris Shiflett
BUY ON AMAZON
Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project
Why Project Risk Management?
Managing Project Constraints and Documenting Risks
Quantifying and Analyzing Project Risk
Closing Projects
Appendix A Selected Detail From the PERIL Database
Software Configuration Management
Configuration Management and Software Engineering Standards Reference
Metrics and Configuration Management Reference
Appendix C Sample Data Dictionary
Appendix I System Service Request
Appendix Y Supplier CM Market Analysis Questionnaire
The CISSP and CAP Prep Guide: Platinum Edition
Access Control
Legal, Regulations, Compliance, and Investigations
Physical (Environmental) Security
Continuous Monitoring Process
Appendix F Security Control Catalog
Professional Struts Applications: Building Web Sites with Struts ObjectRelational Bridge, Lucene, and Velocity (Experts Voice)
Creating a Struts-based MVC Application
Managing Business Logic with Struts
Templates and Velocity
Creating a Search Engine with Lucene
Building the JavaEdge Application with Ant and Anthill
Python Standard Library (Nutshell Handbooks) with
The copy Module
Overview
The pickle Module
The nt Module
The keyword Module
Understanding Digital Signal Processing (2nd Edition)
PITFALLS IN BUILDING IIR FILTERS
SIMPLIFIED FIR FILTER STRUCTURE
APPROXIMATE ENVELOPE DETECTION
REFERENCES
REFERENCES
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies