About the Author

Chris Shiflett

Hi, I’m Chris, a web craftsman making things like Mapalong & Brooklyn Beta with my friends at Analog.


Essential PHP Security Slashdotted

Thanks to everyone who wrote to let me know that Essential PHP Security was Slashdotted yesterday. Slashdot still amazes me. I think the book's Amazon.com Sales Rank is a testament to the power of Slashdot:

Here's a closer view:

The review is very complimentary, but I'd like to address one point:

In light of the author's expertise, one would presume that he would make every effort to write the definitive volume on PHP security - covering every conceivable topic, including: execution of system commands, verification of user IDs and authorization, email spamming via web forms, (the related topic of) exclusion of bots, and remote procedure calls.

I replied to this, stating:

I deliberately chose to focus this book on the 80%, and I'm happy that I did. PHP's reputation suffers because of security concerns, and I'm sure you'll see some of that expressed here. I want PHP developers who read this book to focus on what's most important, and the principles and practices that they learn along the way should prepare them to deal with more minor concerns.

Luke Welling comments:

I guess leaving your readers hungry for more of the same is a compliment of sorts.

Well put, Luke. Thanks. :-)

About this post

Essential PHP Security Slashdotted was posted on Tue, 14 Feb 2006 at 17:34:23 GMT.

5 comments

1. Nate Klaiber said:

I just stumbled upon this yesterday and will be ordering this book tonight. I have read the free chapters from the website, as well as other articles from you, Chris, and I think this is going to be a great resource for me and my development!

I also just ordered 2 Regular Expression books to add to my library, so I have to read those first :)

Thanks!

Nate

Tue, 14 Feb 2006 at 17:52:41 GMT Link


2. Dan Scott said:

When you say "Slashdotted", do you mean that the hordes of Slashdot readers brought down the book's Web site? That's generally how the term is used (has both good and bad connotations: good for the reflection of interest by the unwashed Slashdot masses, bad for the capability of the Web server / database backend to handle the onslaught of hits).

BTW, I happened to have moderator points yesterday and spent most of them on the comments related to the review. Congrats on the visibility!

Speaking of visibility, my book "Apache Derby: Off to the Races" was ranked #40,251 today. I guess that makes my book about 100* more popular than yours. What? Oh... damn.

Tue, 14 Feb 2006 at 18:58:26 GMT Link


3. Chris Shiflett said:

I hope you enjoy it, Nate. :-)

Dan, I guess I don't use the term correctly - I just meant that it was mentioned on Slashdot. Luckily, the server's doing fine, although there was quite a traffic spike.

I got a free copy of "Apache Derby: Off to the Races" at ApacheCon - it's a nice hardcover book, unlike the flimsy things the rest of us offer. I'm sure a good Slashdotting (errr, a mention on Slashdot) will boost the sales rank. :-)

Tue, 14 Feb 2006 at 19:06:48 GMT Link


4. Joe Lewis said:

Chris: I'm ready to see the follow-up: PHP Security, The Definitive Guide... ;-)

Tue, 14 Feb 2006 at 20:22:28 GMT Link


5. bryan said:

How about a "PHP Security, 'Nuff said" ?

Tue, 14 Feb 2006 at 21:52:57 GMT Link

