Customer Reviews

Essential PHP Security

5 star:		(5)
4 star:		(3)
3 star:		(1)
2 star:		(0)
1 star:		(0)

 

 

We've probably all heard about sql injections, cross side scripting, session hi-jacking and other security issues in PHP, and this book explains what they are, how they happen and how to combat them. More than that though, you'll learn best practices for writing secure php pages.

One of the things I liked about this book is that you don't need to be sat next to your PC to read it. Though it has many nice and clear code examples, it's mainly about principles and theory. Excellent to have on the bedside table.

It isn't a very thick book, but is written in a clear and accessible style, and I found myself going 'aha' all the way through. I read it quickly but have a feeling that I'll return to it often until all those best practices are memorised and I'm 'doing' them.

Worth buying? Definitely. This book should be on every serious PHP programmer's bookshelf.

This book is very good, and absolutely recommandable.

The book is not very big (~100 pages) and can be read quite fast. It's also an easy read, as the language in the book is not hard as some other technical books might be. The explanations are good, and easy to understand, as well as the reasoning.

I enjoyed this book, and it's a great reference. It's size also allows you to read it again (And that's a great idea - Helps you to remember) to get the most out of the book.

The author knows what he talks about, and his advice really makes sense. You might already be aware of some of the concepts, such as filtering input etc, but Chris explains really well the ideas behind such concepts, and gives great examples of what can go wrong if you fail to follow the simple principles given.

All in all, this is a great book that really helps you, by teaching you best practices from a very experienced web-developer.

And the book is really great as a reference.

We've all written unsecure code. Then tried to circumvent our weak security measures. It made us better programmers, and made us sleep better knowing our applications were safe. But there is just so far your imagination can go, while thinking up ways to get inside your perfectly secure system.

Essential PHP Security by Chris Shiflett brings you those ideas in a book that looks rather, well small. We've all gotten used to those big, heavy, shelf bending computer books, but this one has just 124 pages. Allow me to get a bit poetic: Don't judge the book by its covers, or rather by the number of pages. This book is the essential reading for all PHP developers, professional and hobbyist alike. It is one of those books that will not get outdated and will be referenced on a daily basis.

I really enjoyed reading this book. It made me realize that some of my approaches were a bit misslead, but mostly solidified my way of coding. And that is really what I was looking to get out of this book.

Probably nothing new here for most PHP programmers, but it's nice to have it all collected in one place.

The structure is also cleverly thought out, dealing chapter by chapter with specific types of activity (e.g. forms, databases, sessions etc).

It's a thin book for the money, but much clearer than anything less specialist I've come across. Thin enough that you can check through all of it before your site goes live - just in case!

I was disappointed when I opened my Amazon package to find this slim book (100+pages). However, the content is pure gold. If you write PHP scripts you should read this book. I attended a two day course on PHP security which was very good but I can say unequivocally that this book is much much better. Having read the book its size is an advantage.

It has a practical approach to the problem and examples to illustrate the common security holes in PHP scripts and how to prevent them. There is no extraneous material and security issues are described in a concise way making it easy to follow. Examples are available on the books website (in common with most O'Reilly books)

Read this book before writing a PHP script, during and afterwards. Have it to hand: it is a vade mecum of PHP security. Reading and applying the knowledge within its covers could save you hours of time undoing a hack on your website and database.

I've found this book useful because it explained to me how certain vulnerabilities can arise. That is handy to know whatever language you are writing in. The solutions the author suggests can also be employed outside of PHP.

I agree with most of the comments of the other reviewers so I won't bore you by repeating them.

It may only be 100 pages but it's well worth the price if you need educating about web security.

It does contain simple ways to make your websites more secure, but nothing too tricky.

I was a bit disappointed with this book. BUT it is a good book to read for beginners.

Great advice, very small compact book, clearly written.

This book makes light work of a complex topic but does not go into great depth. A lot of the recommendations are common sense (use SSL for password transmission), filter input.

As the title suggest, this are "essential" or "basic" security techniques, a must read for any new developer / a great starting point for anyone wishing to learn about PHP security.

If you've done a bit of PHP programming, or have used any other online scripting languages, but have never considered the security implications, this book is essential. The threats are jaw-droppingly simple, but so are their fixes, and the principles remain for other technologies too. The techniques will also improve the integrity of your data and ensure that you consider security in the design process of your applications.

The book is lean and quick to read, the content is aimed at reasonably knowledgeable programmers, but there is nothing here that can't be easily researched. All the issues are illustrated with short, relevant examples and code, which makes a change from most programming books. The author also maintains his own website to ensure that readers can remain updated on problems for the foreseeable future. Overall, this is essential stuff and great value.