Lock in $30 Savings on PRO—Offer Ends Soon! ⏳
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
PHP Güvenlik Notları
Search
Hidayet Doğan
November 07, 2012
Programming
0
1.3k
PHP Güvenlik Notları
XVII. Türkiye'de İnternet Konferansı - Anadolu Üniversitesi, Eskişehir
Hidayet Doğan
November 07, 2012
Tweet
Share
More Decks by Hidayet Doğan
See All by Hidayet Doğan
Swoole ile Asenkron PHP
hdogan
0
800
Asenkron PHP
hdogan
0
1.6k
PHP Senfoni Orkestrası: Composer
hdogan
1
440
PHP ile Soket Programlama ve Ağ Servisleri
hdogan
5
4.4k
CakePHP ile Pasta Pişirmek
hdogan
1
890
PHP 101
hdogan
1
750
Web Uygulamalarında Güvenlik
hdogan
1
510
Phalcon - Eklenti olarak sunulan PHP çatısı - PHP Günleri 2013#1
hdogan
5
1.6k
İnsanlar için PHP
hdogan
0
560
Other Decks in Programming
See All in Programming
令和最新版Android Studioで化石デバイス向けアプリを作る
arkw
0
410
AWS CDKの推しポイントN選
akihisaikeda
1
240
tparseでgo testの出力を見やすくする
utgwkk
2
230
モデル駆動設計をやってみよう ワークショップ開催報告(Modeling Forum2025) / model driven design workshop report
haru860
0
270
C-Shared Buildで突破するAI Agent バックテストの壁
po3rin
0
390
Integrating WordPress and Symfony
alexandresalome
0
150
AIエンジニアリングのご紹介 / Introduction to AI Engineering
rkaga
8
2.9k
Findy AI+の開発、運用におけるMCP活用事例
starfish719
0
1.1k
20251127_ぼっちのための懇親会対策会議
kokamoto01_metaps
2
440
Canon EOS R50 V と R5 Mark II 購入でみえてきた最近のデジイチ VR180 事情、そして VR180 静止画に活路を見出すまで
karad
0
120
chocoZAPサービス予約システムをNuxtで内製化した話
rizap_tech
0
140
ハイパーメディア駆動アプリケーションとIslandアーキテクチャ: htmxによるWebアプリケーション開発と動的UIの局所的適用
nowaki28
0
420
Featured
See All Featured
Product Roadmaps are Hard
iamctodd
PRO
55
12k
Build The Right Thing And Hit Your Dates
maggiecrowley
38
3k
Large-scale JavaScript Application Architecture
addyosmani
515
110k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
359
30k
How To Stay Up To Date on Web Technology
chriscoyier
791
250k
Learning to Love Humans: Emotional Interface Design
aarron
274
41k
Code Reviewing Like a Champion
maltzj
527
40k
Leading Effective Engineering Teams in the AI Era
addyosmani
8
1.3k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
55
3.1k
The Pragmatic Product Professional
lauravandoore
37
7.1k
Building Adaptive Systems
keathley
44
2.9k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
Transcript
PHP Güvenlik Notları Friday, November 9, 12
PHP Güvenlik Notları Kod Okunurluğu PHP Ayarları SQL Injection Cross-site
Scripting (XSS) Cross-site Request Forgery (CSRF) Friday, November 9, 12
Kod Okunurluğu Friday, November 9, 12
PHP Ayarları Her zaman: register_globals = Off allow_url_include, allow_url_fopen error_reporting,
display_errors, log_errors Friday, November 9, 12
SQL Injection SELECT * FROM tablo WHERE id = $id
register_globals = Off mysql_real_escape_string, pg_escape_string, PDO filter_input, filter_var Typecasting (integer) (boolean) (double) (float) addslashes = Yeterli değil! Friday, November 9, 12
Cross-site Scripting (XSS) include($dosya); echo $kullanicidan_gelen_veri; register_globals = Off allow_url_include
= Off basename, realpath, preg_match htmlspecialchars, htmlentities, strip_tags Friday, November 9, 12
Cross-site Request Forgery (CSRF) <img src=”http://adres.com/gonder.php?yorum=Örnek”> Oturum bazlı doğrulayıcı anahtarlar
(token) $_SERVER[‘HTTP_REFERER’] kontrol Ajax: $_SERVER[‘HTTP_X_REQUESTED_WITH’] kontrol Friday, November 9, 12
Sorular? Friday, November 9, 12
PHP ve Web Güvenliği ezber kartları! Friday, November 9, 12
Teşekkürler! http://php.net/manual/tr/security.php http://shiflett.org/php-security.pdf http://hi.do http://github.com/hdogan Twitter @hdogan Friday, November 9,
12
hdogan
arkw
akihisaikeda
utgwkk
haru860
po3rin
alexandresalome
rkaga
starfish719
kokamoto01_metaps
karad
rizap_tech
nowaki28
iamctodd
maggiecrowley
addyosmani
bermonpainter
chriscoyier
aarron
maltzj
tammyeverts
lauravandoore
keathley
marcelosomers
