Contents
1. Introduction
2. A brief look at HTML
3. Simple programs
4. Accessing user information
5. Numbers and strings
6. Conditional execution
7. Database access
8. Repetition
9. More SQL
10. More about forms
11. HTTP
12. Input validation
13. Arrays
14. Sessions
15. Security concerns

Chapter 15. Security concerns

15.1. General warnings

There are malevolent users. Ignorance is no protection. Official documentation devotes 12 of 43 chapters to security issues (as of 17 Jun 2007).

15.2. At browser

password input type htmlspecialchars

15.3. At Web server

validating all user input, even in hidden fields PHP in hidden directory Error reporting

15.4. At database

restricted access permissions - even different users for different scripts addslashes PASSWORD()

15.5. At other computers

SSL/TSL expiring sessions