Following steps as the general outline of the Article
- General Utilizes Input Handling: This section deals with general aspects that how to handle utilizes input, how to filter and validate it, so it does not contain any malicious data.
- File Handling covers security aspects related to file handling. For example, it gives details on how PHP handles access to files on remote systems and the associated risks.
- Include Files: The PHP include statement allows programmer to include the contents of other files into a script. This section mainly takes care of the risks that the contents of these include files is exposed to attackers and the risk that attackers exploit improper usage of the include statement for injecting their own code.
- Command Handling: This section deals with security aspects related to commands that are passed to and are executed by the system shell.
- Databases: Typical security issues of database systems like SQL injection attacks are part of this section.
- Sessions: Information about how to properly utilize the PHP session functions constitutes this section.
- General PHP Interpreter Configuration: Finally, this section adds information on general configuration options of the PHP interpreter. Especially important are the instructions on how to configure and utilize PHP’s error reporting functionality.