How to start writing secure PHP code

// Some basics of writing #secure   #code  from Nathan Good at IBM

1) Validate input
2) Guard your file system
3) Guard your database
4) Guard your session data
5) Guard against Cross-Site Scripting (XSS) vulnerabilities
6) Verify form posts
7) Protect against Cross-Site Request Forgeries (CSRF)

Kind of seem obvious, but they are not to a lot of people. The full read, "Seven habits for writing secure PHP applications", here:

Tags: ,