The IBM DeveloperWorks site has posted some advice that can help keep you, your application and your data safe from security-related attacks.
Security in a PHP application includes remote and local security concerns. Discover the habits PHP developers should get into to implement Web applications that have both characteristics.
The habits in their list are:
- Validate input
- Guard your file system
- Guard your database
- Guard your session
- Guard against XSS vulnerabilities
- Guard against invalid posts
- Protect against CSRF
Each comes with its own explanation and, for some, code to help you spot the mistakes and correct them.