OWASP Top 10 for PHP: A1 - Injection
Learn how to protect your code from hostile incoming data
Keeping your PHP applications secure doesn't have to be hard; you just need to be armed with the right knowledge. One of the most common issues is the damage that bad user data can cause if it makes it through your defenses, otherwise known as "injection". This course will introduce you to some of the basics of injection and give you hands-on experience fixing one of the most common types: SQL injection.
Topics Covered
In this lesson you'll learn:
- What injection is and the different types
- How SQL injections work
- What the primary cause of SQL injections is
- How to fix them in a PHP application
Learn in a Virtual Environment
In this lesson you'll be provided with a virtual environment where you can follow along and fix the code, giving you practical experience performing and fixing a SQL injection issue.
Your Instructor
For the last 12+ years, Chris has been involved in the PHP community in one way or another. These days he's the Senior Editor of PHPDeveloper.org, lead author for Websec.io, a site dedicated to teaching developers about security, and the Securing PHP project. He has written for several PHP publications and has spoken at conferences in both the U.S. and Europe on security-related topics. He's also an organizer of the Dallas PHP User Group and the Lone Star PHP Conference, and works as an Application Security Engineer for Duo Security.