Essential PHP Security Book Cover
Essential PHP Security by Chris Shiflett
About | Contents | Buy Now | Reviews | Errata | Code
  1. Foreword
  2. Preface
  1. Introduction
  2. Forms and URLs
          ch02.pdf
  3. Databases and SQL
  4. Sessions and Cookies
          ch04.pdf
  5. Includes
  6. Files and Commands
  7. Authentication and Authorization
  8. Shared Hosting
  1. Configuration Directives
  2. Functions
  3. Cryptography
  4. Index

Code Repository

Chapter 1, Introduction

Set Error Reporting Directives (Pg 3)
View (syntax-colored)
Raw (plain text)
Create a Custom Error Handler (Pg 3)
View (syntax-colored)
Raw (plain text)
Filter Input (Pg 11)
View (syntax-colored)
Raw (plain text)
Escape Output (Pg 13-14)
View (syntax-colored)
Raw (plain text)

Chapter 2, Forms and URLs

Raw POST Request with File Upload (Pg 21-22)
View (syntax-colored)
Raw (plain text)
Use is_uploaded_file() (Pg 22)
View (syntax-colored)
Raw (plain text)
Use move_uploaded_file() (Pg 22)
View (syntax-colored)
Raw (plain text)
Use filesize() (Pg 23)
View (syntax-colored)
Raw (plain text)
Add a Token to a Form (Pg 28)
View (syntax-colored)
Raw (plain text)
Check a Token in a Form (Pg 28)
View (syntax-colored)
Raw (plain text)
Send a Raw HTTP Request (Pg 31-32)
View (syntax-colored)
Raw (plain text)

Chapter 4, Sessions and Cookies

Enforce User-Agent Consistency (Pg 48)
View (syntax-colored)
Raw (plain text)
Create an Auth Token (Pg 49)
View (syntax-colored)
Raw (plain text)

Chapter 7, Authentication and Authorization

Brute Force an Authentication Form (Pg 65)
View (syntax-colored)
Raw (plain text)
Throttle an Authentication Form (Pg 66-67)
View (syntax-colored)
Raw (plain text)
Create a Persistent Login Cookie (Pg 71)
View (syntax-colored)
Raw (plain text)
Check a Persistent Login Cookie (Pg 71-73)
View (syntax-colored)
Raw (plain text)

Chapter 8, Shared Hosting

Read Session Data (Pg 77)
View (syntax-colored)
Raw (plain text)
Store Session Data in a MySQL Database (Pg 78-80)
View (syntax-colored)
Raw (plain text)
Edit Session Data (edit.php) (Pg 81-82)
View (syntax-colored)
Raw (plain text)
Edit Session Data (inject.php) (Pg 82)
View (syntax-colored)
Raw (plain text)
Browse the Filesystem (Pg 82-83)
View (syntax-colored)
Raw (plain text)
Bypass Safe Mode (Pg 85)
View (syntax-colored)
Raw (plain text)

Appendix C, Cryptography

Hash a Password (Pg 98)
View (syntax-colored)
Raw (plain text)
Check a Password (Pg 98)
View (syntax-colored)
Raw (plain text)
List Available Algorithms (Pg 99)
View (syntax-colored)
Raw (plain text)
Create a Cryptography Class (Pg 99-100)
View (syntax-colored)
Raw (plain text)
Use a Cryptography Class (Pg 100)
View (syntax-colored)
Raw (plain text)
Encrypt Data (Pg 101)
View (syntax-colored)
Raw (plain text)
Decrypt Data (Pg 101-102)
View (syntax-colored)
Raw (plain text)
Encrypt Session Data (Pg 102-103)
View (syntax-colored)
Raw (plain text)