About the Author

Chris Shiflett

Hi, I'm Chris, a web developer and a founding member of Analog. I live and work in Brooklyn, NY.


PHP Security Workbook

My OSCON tutorial, PHP Security, was a big hit. The workbook for the tutorial is likely the most complete source of PHP security information and best practices available (until my book, PHP Security, is published).

Here it is: php-security.pdf (248 KB, 55 pages). I hope you find it helpful.

About This Post

PHP Security Workbook was posted on Wed, 28 Jul 2004 at 22:50:30 GMT.

3 Comments

1. David Goldfeder said:

This document is great. It was a wonderful resource written clearly with examples to help understand what can be a complex and difficult concept. The information about protecting a PHP session was of particular use to me.

David Goldfeder

Web and Database Specialist

University of Illinois, Urbana-Champaign

Department of Mechanical and Industrial Engineering

Mon, 13 Sep 2004 at 17:05:11 GMT


2. Trevor said:

Thank you so much for this wonderful PDF. It's very rare to find such an easy-to-follow guide to important security issues. I was searching all over the place for something like this, and all I could find was disparate (often conflicting) junk that I couldn't follow. I really appreciate your offering it for free download. Thanks again.

Tue, 19 Apr 2005 at 19:09:11 GMT


3. Flash Master said:

Thanks a lot.

Sat, 24 Sep 2005 at 05:29:36 GMT

