List of All Basic PHP Security You Need to Know | PHP Security for Beginners | PHP Security Lesson
Вставка
- Опубліковано 9 чер 2024
- In this PHP tutorial I will list all the basic PHP security you need to know, as a PHP beginner. 🙂 This will cover many of the security basics in PHP, general website security and network security, and other good coding practices in PHP. Security lessons are an important part of learning PHP, so hopefully this will help answer any question you have, when it comes to what you need to learn about security here at the beginning.
Do know that this video does NOT cover ALL security in PHP. 👈 But it is a really good starting point for beginners, to learn PHP security. 🙂
all basic security you need to know in php, all fundamental security you need to know in php, list of all basic php security you need to know, php security for beginners, security in php you need to know, php security tutorial, php security lesson, php security vulnerabilities, php security course, security basics php, website security, website security php, network security php, secure coding practices in php, php Information Security, php security complete guide
➤ LINKS
SQL Injection and Prepared Statements: • 22 | INSERT INTO Datab...
Cross-Site Scripting (XSS): • 6 | The Basics of PHP ...
Cross-Site Request Forgery (CSRF): (No link)
File Upload Security: (No link)
Password Storage and Hashing: • 27 | Hashing Using PHP...
Input Validation and Data Sanitization: • 6 | The Basics of PHP ...
Error Handling and Information Leakage: (No link)
Session Security: • 26 | Session Security ...
➤ TIMESTAMPS
00:00:00 - Introduction
00:00:56 - SQL Injection and Prepared Statements
00:02:42 - Cross-Site Scripting (XSS)
00:05:06 - Cross-Site Request Forgery (CSRF)
00:06:32 - File Upload Security
00:08:46 - Password Storage and Hashing
00:11:55 - Input Validation and Data Sanitization
00:13:49 - Error Handling and Information Leakage
00:15:58 - Session Security
➤ GET ACCESS TO MY LESSON MATERIAL HERE!
First of all, thank you for all the support you have given me!
I am really glad to have such an awesome community on my channel. It motivates me to continue creating and uploading content! So thank you!
I am now using Patreon and UA-cam Memberships to share improved and updated lesson material, and for a small fee you can access all the material either from my memberships or Patreon, depending on your preference. I have worked hard, and done my best to help you understand what I teach.
I hope you will find it helpful :)
Memberships: / @dani_krossing
Patreon: / mmtuts
Do know that this video does NOT cover ALL security in PHP. 👈 But it is a really good starting point for beginners, to learn PHP security. 🙂 I have to disclaim this, since some people will inevitably skip reading the title, the description, and the intro to the video, and then proceed to tell me in the comments that "this isn't ALL security! CLICKBAIT!" 😂
I apreciate this video but why not make a video with login form or a pay out to exemplifie better the concepts.
Where can I go to find where there is something that does cover ALL security in PHP?
i\ve tried using the header function to check if the user ended up on the validation.php page without submiting the form, but it dosen't work.
i'm using 000webhost to host my test website and i think it has something to do with them,
if i use header at the end of the validation or to check if the user submited the form, i get an error saying that i'm not allowed to change header and stuff
Warning: Cannot modify header information - Header already sent by (Output started at /blog/wp-config.php:31) something llike this...
and, if i don't use $_server self in the action of the form, after submiting i get stuck on the white php validation page...
are this type of errors a result of webhosting or what?
another problem that i've hade, was space lines in textarea when users send a message or comment
messages with a line empty...whould not send the email
i've figured it out with a function nl2br()... found the fix on a forum...
but now i'm stuck in the email with and html characters for ? or ' and so on
@@ReptilianXHologramThe main rule with security is don't try to do everything yourself, esp. regarding encryption etc. It is better to use frameworks or plugins which are used and tested by 100,000 other developers.
@@musicisasuperpower I see your point but I just want to know the main ones I should learn about myself/the most important ones.
Dani is probably the programmer I was looking for, defies all the common programming semantics with an easy and comprehensive style. Super thanks to you man!
I keep looking forward to your videos, and like them before watching
I really learned a new staff from this video.
Thanks for the effort to show it as a video.
Great video as always, Dani! Gbu!
I really like your videos, please keep going!!
thank you for great PHP Security for Beginners
This is amazing content! Might need part 2
Very helpful tutorial thank you
Really you doing a great job Thank you
Thnx for video
Perfect.
Amazing mahn. thanks for this insightful tutorial
I have being enjoying your recent videos on php man, you are doing well, to fully grab all this concepts it would be nice you if can make a video tutorial coding an application (complex one) which will give more insight on how to implement these things. Thanks 🚀⭐
Hero! 👍
Hi, thanks.
indeed it is a good video. You all should keep it in your bookmarks browser. 👌
Very useful. Thank you so much
Super god video!
You have really helped me in writing a really good website, love your videos, very informative.
Please can I ask if you can consider writing a forgotten password video in the MVC model? I've managed to do it with the uploading gallery video you have, struggling to get forgotten password one to work in MVC model. Would appreciate the help. 🙃
You sir, are l337 ;o) Thank you.
sir you are very good to clarify everything and i get it when im only with you if i leave i don't remember even the code so plz help me out bro
We need part2
Could you extend your last PHP course by adding security based video where you actually implement those things?
Fairly new to this area. Wouldn't it be better to keep the CSRF token out of a hidden field form, and just check the session variable when the form is submitted to its script (e.g., hidden form fields contents can be easily accessed and stolen)?
CSRF works by keeping a token locally and on the server. And whenever a user performs a request, we compare the tokens to check if they match. And this can be done either using a hidden input, a custom HTTP header using JavaScript, or by passing it through the URL. 🙂 There is no danger in keeping it in a hidden input, as long as you protect against XSS attacks, and make sure not to visibly expose it all over your epplication. The only "bad thing" that happens if a user changes it using the developer tool, is that the request fails on the next page. 🙂 So worst case, the user just receives an error message.
Lemme hack you, hold my beer 😂
I know this isn't all security when it comes to PHP but would an application be really secure with only these principles in your opinion?
No. These are just the basics. This is also why many prefer frameworks, because they have “out of the box” security, since security is such a big area of PHP.
@@Dani_Krossing will you making videos going over what are frameworks?
1st
Mrbeast ????????????
its the first time that im seeing this video, but this dude looks like elon musk to much to pay attention about video content