Essential PHP Security
ISBN: 059600656X
EAN: 2147483647
Year: 2005
Pages: 110
Authors: Chris Shiflett
Table of Contents
Copyright
Foreword
Preface
What's Inside
Style Conventions
Comments and Questions
Safari Enabled
Acknowledgments
Chapter 1. Introduction
Section 1.1. PHP Features
Section 1.2. Principles
Section 1.3. Practices
Chapter 2. Forms and URLs
Section 2.1. Forms and Data
Section 2.2. Semantic URL Attacks
Section 2.3. File Upload Attacks
Section 2.4. Cross-Site Scripting
Section 2.5. Cross-Site Request Forgeries
Section 2.6. Spoofed Form Submissions
Section 2.7. Spoofed HTTP Requests
Chapter 3. Databases and SQL
Section 3.1. Exposed Access Credentials
Section 3.2. SQL Injection
Section 3.3. Exposed Data
Chapter 4. Sessions and Cookies
Section 4.1. Cookie Theft
Section 4.2. Exposed Session Data
Section 4.3. Session Fixation
Section 4.4. Session Hijacking
Chapter 5. Includes
Section 5.1. Exposed Source Code
Section 5.2. Backdoor URLs
Section 5.3. Filename Manipulation
Section 5.4. Code Injection
Chapter 6. Files and Commands
Section 6.1. Traversing the Filesystem
Section 6.2. Remote File Risks
Section 6.3. Command Injection
Chapter 7. Authentication and Authorization
Section 7.1. Brute Force Attacks
Section 7.2. Password Sniffing
Section 7.3. Replay Attacks
Section 7.4. Persistent Logins
Chapter 8. Shared Hosting
Section 8.1. Exposed Source Code
Section 8.2. Exposed Session Data
Section 8.3. Session Injection
Section 8.4. Filesystem Browsing
Section 8.5. Safe Mode
Appendix A. Configuration Directives
Section A.1. allow_url_fopen
Section A.2. disable_functions
Section A.3. display_errors
Section A.4. enable_dl
Section A.5. error_reporting
Section A.6. file_uploads
Section A.7. log_errors
Section A.8. magic_quotes_gpc
Section A.9. memory_limit
Section A.10. open_basedir
Section A.11. register_globals
Section A.12. safe_mode
Appendix B. Functions
Section B.1. eval( )
Section B.2. exec( )
Section B.3. file( )
Section B.4. file_get_contents( )
Section B.5. fopen( )
Section B.6. include
Section B.7. passthru( )
Section B.8. phpinfo( )
Section B.9. popen( )
Section B.10. preg_replace( )
Section B.11. proc_open( )
Section B.12. readfile( )
Section B.13. require
Section B.14. shell_exec( )
Section B.15. system( )
Appendix C. Cryptography
Section C.1. Storing Passwords
Section C.2. Using mcrypt
Section C.3. Storing Credit Card Numbers
Section C.4. Encrypting Session Data
About the Author
Colophon
Index
SYMBOL
A
B
C
D
E
F
G
H
I
L
M
N
O
P
Q
R
S
T
U
V