- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF)
- SQL injection
- Session hijacking and fixation
Skill Level Advanced
- [Kevin] All developers should learn the fundamentals of security. This course will teach developers how to think about security in PHP and will provide practical solutions to protect PHP websites from the most common security threats. This course is intended for developers who already know the fundamentals of PHP and want to learn how to avoid common and costly mistakes in their code. We'll begin with an overview of the general security principles that should guide PHP development. Then we'll learn about best practices for configuring PHP and for securing the input and output to a web application. And we will walk through the most common types of attacks so that we can look at strategies and actual PHP code to prevent them from doing harm. You can incorporate these strategies and functions into your PHP projects as we go along or just sit back and watch. My name is Kevin Skoglund. I'm a web developer who's been using PHP for over 20 years. Let's get started learning how to create more secure websites with PHP.