Zend PHP Certification Study Guide by Zend Technologies

Chapter 11. Security

Terms You’ll Need to Understand

  • Data filtering

  • register_globals

  • SQL injection

  • Command injection

  • Cross-site scripting (XSS)

  • Shared hosting

  • safe_mode

  • open_basedir

Techniques You’ll Need to Master

  • Validating client data

  • Understanding the register_globals directive

  • Escaping data used in SQL statements

  • Escaping data used in shell commands

  • Preventing cross-site scripting attacks

  • Understanding the safe_mode directive

  • Understanding the open_basedir directive

Data Filtering

Data filtering, the process of validating data and filtering out that which is invalid, is arguably the cornerstone of Web application security. The basic premise is quite simple: Never trust foreign data, especially data from the client.

There are two fundamentally different approaches ...
