[nycphp-talk] Book recommendations - security, object-oriented programming

Baer, Jon jbaer at VillageVoice.com
Thu Jul 6 11:15:34 EDT 2006


For 1, I'd highly recommend Chris Shiflett's book Essential PHP Security
...

http://phpsecurity.org/

There are a few free chapters there ... 

For your second question it would probably be worthwhile to check out a
few open source PHP frameworks like CakePHP or Symfony + look over their
techniques and hop on the mailing lists and post a few specific
questions. A good example is the Security component in CakePHP; much of
your "filtering" and "sanitizing" should be something you should not
have to code up yourself.

Also a good resource is http://www.owasp.org

- Jon

-----Original Message-----
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]
On Behalf Of Aaron Fischer
Sent: Thursday, July 06, 2006 11:08 AM
To: NYPHP Talk
Subject: [nycphp-talk] Book recommendations - security,object-oriented
programming

Greetings,

I'm working on a project that has me thinking about purchasing one or
two books.  The topics I'm interested in are:

1.  Security.  Discussion of practices for password storage and
retrieval.  Transmission of data in a secure manner, e.g. encrypted,
https, certificates, etc.  Also methods of cleaning/filtering/scrubbing
data received from web forms.

2.  Getting up and running with object-oriented programming in PHP.

Detail:

1.  The project I am working on will allow users to create accounts.  I
need to think about the best way to store their passwords and allow them
to retrieve if lost, change if they so desire, etc.  As the information
is somewhat sensitive there is a possibility I will need to be passing
it via https vs. http.  Scrubbing and filtering the data to make sure
nobody is intentionally or accidentally messing with my application.

2.  To date I have been working primarily with procedural programming
techniques.  I am considering the benefits of object-oriented code for
this project.  Ideally the book would include a discussion of benefits
of using object-oriented code.

Thanks,

-Aaron