Phparchitect's Guide to PHP Security Paperback – Sep 7 2005
|New from||Used from|
No Kindle device required. Download one of the Free Kindle apps to start reading Kindle books on your smartphone, tablet, and computer.
Getting the download link through email is temporarily not available. Please check back later.
To get the free app, enter your mobile phone number.
About the Author
Rasmus Lerdorf started the PHP Project back in 1995 and has been actively involved in PHP development ever since. Also involved in a number of other open source projects, Rasmus is a longtime Apache contributor and foundation member. He is the author of the first edition of the PHP Pocket Reference, and the co-author of the first edition of Programming PHP.
Most Helpful Customer Reviews on Amazon.com (beta)
Overall, I wouldn't say I was disappointed with the book, but I definitely wasn't impressed. There were numerous misspellings, typos, and (in a few cases) words missing altogether. With my knowledge I considered these typos to be fairly minor, but someone with less experience may become confused by a few of them.
In one case, a variable in one of the coding examples was actually mis-keyed. If someone were to copy the example verbatim, it would not behave as expected. That type of error should never occur in a book like this.
The various chapters do contain useful information, but the code examples are pretty lame. Don't buy this book if you're looking for specific, real-world, useful examples on how to implement your security measures, but if you already have enough PHP experience to figure out ways of implementing the *concepts* presented in this book, then it may be worthwhile picking up.
Experienced PHP programmers with some security experience will probably find a few useful tidbits, and anyone looking to truly maximize the security of their web applications would definitely benenfit from the sheer number of concepts presented in this book. However, many PHP developers will likely agree that a number of the concepts presented are somewhat superfluous, or rendered obsolete by other concepts.
In many cases the author will provide a concept for securing an application, provide an example of how to do it, and then proceed to explain why that method is NOT the best method to use. Someone looking for a quick-use reference manual of the most effective ways to secure your application will probably not enjoy this book.
BOTTOM LINE: there's gotta be better books on PHP security available for beginners, intermediate developers, and professionals alike. Only buy this book if you're interested in a large number of concepts and don't care about clear and specific examples of real-world implementation.
Advice to the Author/Publisher: Fix the typos and put the missing words back in! Expand on your code examples and provide more real-world application. Choose better naming conventions for your variables in your examples - no one wants to guess at what the variable "$e" represents, use "$elements" instead. Compile a chapter of "Top 10 security exploits and how to avoid them" using your recommended methods for the various exploits (or something similar). As it stands now, your readers not only have to work through the errors and the poor examples, they also have to decode which of your concepts are worth actually implementing, since so many of them have loopholes, provide other vulnerabilities, or simply "aren't enough" to truly secure the application.
As for the example code - fast, small, and no wasted time declaring variables or basic stuff.
Don't get this book if you're just learning PHP - get this book after writing your first PHP forms!!!
The author have knowledge of the inner working procedure of PHP, and it makes the difference with others books or compilation of articles found on the Net. Yes, this book is thin, yes, it has only 10 chapters, and yes, i have found immediately what i was waiting for a long time.
Buy it, steal it, hack it, but if you write PHP app, you must read this book.
Four thumbs up (the hands and the feet)
Look for similar items by category
- Books > Computers & Technology > Certification Central > Exams > Security+
- Books > Computers & Technology > History & Culture > Privacy
- Books > Computers & Technology > Internet & Social Media
- Books > Computers & Technology > Networking & Cloud Computing > Internet, Groupware, & Telecommunications
- Books > Computers & Technology > Programming
- Books > Computers & Technology > Security & Encryption > Privacy & Online Safety
- Books > Computers & Technology > Web Development > Programming > PHP
- Books > Computers & Technology > Web Development > Web Services