Chapter 15. Security concerns

15.1. General warnings

There are malevolent users. Ignorance is no protection. Official documentation devotes 12 of 43 chapters to security issues (as of 17 Jun 2007).

15.2. At browser

- password input type
- htmlspecialchars

15.3. At Web server

- validating all user input, even in hidden fields
- PHP in hidden directory
- Error reporting

15.4. At database

- restricted access permissions - even different users for different scripts
- addslashes
- PASSWORD()

15.5. At other computers

- SSL/TLS
- expiring sessions