About the Author

Chris Shiflett

Hi, I’m Chris: web craftsman, community leader, husband, father, and partner at Fictive Kin.


Essential PHP Security: Forms and URLs

The sample chapter of Essential PHP Security for MySQL's Developer Zone is now available:

This chapter discusses form processing and the most common types of attacks that you need to be aware of when dealing with data from forms and URLs. You will learn about attacks such as cross-site scripting (XSS) and cross-site request forgeries (CSRF), as well as how to spoof forms and raw HTTP requests manually. By the end of the chapter, you will not only see examples of these attacks, but also what practices you can employ to help prevent them.

I hope you enjoy it. :-)

About this post

Essential PHP Security: Forms and URLs was posted on Thu, 22 Dec 2005. If you liked it, follow me on Twitter or share:

4 comments

1.Cameron said:

Just got the book in the mail yesterday. I'm already a couple chapters in and it's looking pretty good so far. Two things I really appreciate about it is that it's not difficult to understand, and that it focuses more on concepts than very specific examples.

Sun, 25 Dec 2005 at 08:00:26 GMT Link


2.AlexGreen said:

This chapter is the most important because scripts that get data from forms are most vulnarable. Understanding of secure forms data handling is the key to secure scripts.

Wed, 04 Jan 2006 at 08:04:59 GMT Link


3.James said:

Hey this a really nice freebie... Thanks and keep up your great work!

Tue, 17 Jan 2006 at 09:04:47 GMT Link


4.Chris Shiflett said:

Thanks, James. Glad you appreciate it. :-)

Thu, 19 Jan 2006 at 17:49:31 GMT Link


Hello! What’s your name?

Want to comment? Please connect with Twitter to join the discussion.