中文文档
English
Spanish
French
Japanese
Brazilian
German
Turkish
Russian
Introduction »
« expect://
PHP Manual
Security
Introduction
General considerations
Installed as CGI binary
Possible attacks
Case 1: only public files served
Case 2: using cgi.force_redirect
Case 3: setting doc_root or user_dir
Case 4: PHP parser outside of web tree
Installed as an Apache module
Session Security
Filesystem Security
Null bytes related issues
Database Security
Designing Databases
Connecting to Database
Encrypted Storage Model
SQL Injection
Error Reporting
User Submitted Data
Hiding PHP
Keeping Current
