12-23-2005, 10:24 AM
Quote:PHP's availability, ease of use, and support makes it the first choice for many budding developers. Yet the potential for the unwary coder to overlook certain key aspects of security lands countless developers in hot water...
Unvalidated Input Errors...
Access Control Flaws...
Session ID Protection...
Cross Site Scripting (XSS) Flaws...
SQL Insertion Vulnerabilities...
Error Reporting...
Data Handling Errors...
full article: http://www.sitepoint.com/article/php-security-blunders