PHP security in depth
• Forms and URLs
• Databases and SQL
• Sessions and Cookies
• Includes
• Files and Commands
• Authentication and Authorization
• Shared Hosting
• Configuration Directives
• Functions
• Cryptography

Forms and Data
• A user can send data to your application in three predominant ways:
  – In the URL (e.g., GET data)
  – In the content of a request (e.g., POST data)
  – In an HTTP header (e.g., Cookie)

Forms and URLs
• Forms and Data
• Semantic URL Attacks
• File Upload Attacks
• Cross-Site Scripting
• Cross-Site Request Forgeries
• Spoofed Form Submissions
• Spoofed HTTP Requests

Databases and SQL
• Exposed Access Credentials
• SQL Injection
• Exposed Data