Flylib.com
Essential PHP Security
ISBN: 059600656X
EAN: 2147483647
Year: 2005
Pages: 110
Authors:
Chris Shiflett
Table of Contents
Copyright
Foreword
Preface
What's Inside
Style Conventions
Comments and Questions
Safari Enabled
Acknowledgments
Chapter 1. Introduction
Section 1.1. PHP Features
Section 1.2. Principles
Section 1.3. Practices
Chapter 2. Forms and URLs
Section 2.1. Forms and Data
Section 2.2. Semantic URL Attacks
Section 2.3. File Upload Attacks
Section 2.4. Cross-Site Scripting
Section 2.5. Cross-Site Request Forgeries
Section 2.6. Spoofed Form Submissions
Section 2.7. Spoofed HTTP Requests
Chapter 3. Databases and SQL
Section 3.1. Exposed Access Credentials
Section 3.2. SQL Injection
Section 3.3. Exposed Data
Chapter 4. Sessions and Cookies
Section 4.1. Cookie Theft
Section 4.2. Exposed Session Data
Section 4.3. Session Fixation
Section 4.4. Session Hijacking
Chapter 5. Includes
Section 5.1. Exposed Source Code
Section 5.2. Backdoor URLs
Section 5.3. Filename Manipulation
Section 5.4. Code Injection
Chapter 6. Files and Commands
Section 6.1. Traversing the Filesystem
Section 6.2. Remote File Risks
Section 6.3. Command Injection
Chapter 7. Authentication and Authorization
Section 7.1. Brute Force Attacks
Section 7.2. Password Sniffing
Section 7.3. Replay Attacks
Section 7.4. Persistent Logins
Chapter 8. Shared Hosting
Section 8.1. Exposed Source Code
Section 8.2. Exposed Session Data
Section 8.3. Session Injection
Section 8.4. Filesystem Browsing
Section 8.5. Safe Mode
Appendix A. Configuration Directives
Section A.1. allow_url_fopen
Section A.2. disable_functions
Section A.3. display_errors
Section A.4. enable_dl
Section A.5. error_reporting
Section A.6. file_uploads
Section A.7. log_errors
Section A.8. magic_quotes_gpc
Section A.9. memory_limit
Section A.10. open_basedir
Section A.11. register_globals
Section A.12. safe_mode
Appendix B. Functions
Section B.1. eval( )
Section B.2. exec( )
Section B.3. file( )
Section B.4. file_get_contents( )
Section B.5. fopen( )
Section B.6. include
Section B.7. passthru( )
Section B.8. phpinfo( )
Section B.9. popen( )
Section B.10. preg_replace( )
Section B.11. proc_open( )
Section B.12. readfile( )
Section B.13. require
Section B.14. shell_exec( )
Section B.15. system( )
Appendix C. Cryptography
Section C.1. Storing Passwords
Section C.2. Using mcrypt
Section C.3. Storing Credit Card Numbers
Section C.4. Encrypting Session Data
About the Author
Colophon
Index
SYMBOL
A
B
C
D
E
F
G
H
I
L
M
N
O
P
Q
R
S
T
U
V