Tutorial: Securing Web Applications (PHP)
http://www.acsac.org/2008/program/tutorials/view.php?t=2
WebAppSec.php: Securing PHP Web Applications
A full-day tutorial taking place on December 8, 2008 at the Annual Computer Security Applications Conference (ACSAC) in Anaheim, California.
Web applications are the new frontier of wide-spread security breaches. This tutorial will guide you through development practices to ensure the security and integrity of your application, in turn protecting user data and the infrastructure the application runs on. Several attack types will be reviewed, along with how the proper development practices can mitigate their damage. Although the tutorial targets the security of PHP-based applications, much of the content is applicable to other programming languages as well.