IN THIS CHAPTER
Identifying PHP attacks
Stopping cross-site scripts
Hiding your files
Watching for data spoofing
Handling data safely
Web application security is a hot topic these days, and for good reason! It seems that almost every day there’s a news story about some company being attacked and having important data stolen. These breaches are costly — both for the company and for the thousands of customers who have personal information stolen.
As a web application developer, your job is to put security first in all your design and coding work. You’re the front line in the battle of data security! This chapter helps with that job, by giving you an idea of the types of attacks you need to watch out for and then walking you through how to avoid those attacks with your PHP code.
To avoid attacks, you first need to know where they’ll come from. It doesn’t do any good to barricade the front door, if you leave the windows ...