About the Author

Chris Shiflett

Hi, I’m Chris, a web craftsman making things like Mapalong & Brooklyn Beta with my friends at Analog.


PHP Security by Example

I gave three talks at this year's phpworks conference. The most popular was PHP Security by Example, a talk that consists entirely of exercises. This approach is unique in the sense that the focus is on first exploiting vulnerable code and then fixing it. I think seeing how easy some exploits are gives people a better appreciation and understanding of the safeguards.

The slides are available in PDF and Flash format:

I'll post the slides to the other talks soon.

About this post

PHP Security by Example was posted on Fri, 16 Sep 2005 at 18:10:28 GMT.

6 comments

1.Matthom said:

Cool, thanks. I noticed there is no "Back" button on that Flash presentation - which is quite aggravating. Unless I missed it somehow...

Can't wait for the PHP Security book to hit the shelves... It's something that few people take notice of.

Fri, 16 Sep 2005 at 23:10:26 GMT


2.Chris Shiflett said:

That Flash file is generated from Keynote, so apologies for any missing features. If a future version of Keynote improves upon the Flash export (the layout is also slightly broken), I'll be happy to export the slides again.

I hope you enjoy the book. :-)

Mon, 19 Sep 2005 at 06:21:59 GMT


3.Dmitry said:

Chris, sorry, but I can't download http://brainbulb.com/phpworks.tar.gz :(

Mon, 19 Sep 2005 at 13:04:23 GMT


4.Chris Shiflett said:

Thanks, Dmitry. It should be fixed now.

Mon, 19 Sep 2005 at 13:45:33 GMT


5.Dmitry said:

Thanks, we'll be waiting for the slides to the other talks on PHP Security by Example ;)

Thu, 22 Sep 2005 at 07:53:24 GMT


6.imran said:

Hi

With all the design concepts and other dross floating around in my head, I've become completely paralyzed on what to do next.

On one hand, I want to do something and I want to do it right. On the other hand, I don't know what this "right" is.

I want to use controllers, but I don't really know what they are. Right now, I have a bunch of cobbled together pages. I *could* move them into classes, which would probably help factoring them into more controller oriented things, but I want to get it right the first time. And I know I can't.

In this mentality, I think I have bitten off more than I can chew. Every small step means more steps when the final design comes into place, but without small steps I cannot get anywhere.

I need help.

Imran Hashmi

http://www.visionstudio.co.uk

Fri, 04 Nov 2005 at 09:29:11 GMT

