As more people use and depend on technology, more users attempt to manipulate it. All technologies have some level of capability for misuse in the hands of those with ill intentions. This is illustrated well by the high-profile security compromises of the Epsilon unit of Alliance Data Systems, Sony’s PlayStation Network, and Google’s Gmail service.

The purpose of this chapter is to show you how to secure your PHP applications from common attack vectors, or specific types of vulnerabilities that attackers can exploit. This chapter is not intended to be a comprehensive guide to security principles or practices; like technology, these subjects are in a constant state of development and evolution. Instead, the focus of ...