October 18, 2018
Hot Topics:

May Is Month of PHP Security

  • May 11, 2010
  • By Developer.com Staff

May is the "Month of PHP Security," and 20 security flaws have been found in the open source PHP language itself, as well as, in PHP applications.

More than half of the bugs affect PHP itself. For example, the PHP functions preg_quote() and html_entity_decode() have what's called an interruption information leak vulnerability discovered by Stefan Esser.

The Month of PHP Security is a continuation of "the effort of Hardened-PHP's Month of PHP Bugs in 2007 to improve the security of PHP and the PHP ecosystem by disclosing vulnerabilities in PHP and PHP applications on the one hand and on the other hand by publishing articles and tools that help PHP application developers to develop more secure PHP applications."

In addition to security bug notices, the group also publishes articles about how to write secure PHP applications.

One article every PHP developer should read is "Generating Unpredictable Session IDs and Hashes" by Jordi Boggiano.

View Article

Comment and Contribute


(Maximum characters: 1200). You have characters left.



Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that developer.com may send you developer offers via email, phone and text message, as well as email offers about other products and services that developer believes may be of interest to you. developer will process your information in accordance with the Quinstreet Privacy Policy.


Thanks for your registration, follow us on our social networks to keep up-to-date