Little Bobby Tables Isn’t Welcome Here
Making the top page of Hacker News is every developer’s dream—unless it’s because you were hacked.
The OWASP Top Ten is required reading for every modern PHP developer. It enumerates the things to not do while building an application. Still, it’s easy to trip up and accidentally violate a rule you think you’ve followed.
Together, we’ll walk through a pre-built PHP application to find both where it’s blundered and how to fix its fatal mistakes.
Attendees will need:
- A local PHP installation, preferably 7.2 but 7.1 at the absolute minimum
- The PHP installation must support SQLite with the PDO SQLite extension
- If running 7.1, the Libsodium extension is required.
On a Mac, this can be fully satisfied with ‘brew install php’
On other systems, this can be accomplished using Docker: ‘docker pull php’
If you are using any other system installed with Homebrew or Docker, you are responsible for ensuring it’s functional and has support for both SQLite via PDO & Libsodium.
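
A preflight check for the requirements listed above, as an added example that is not part of the workshop's own materials. The function name `check_prerequisites` and the table `t` are hypothetical; save the script under any name and run it with the `php` binary you plan to use.

```php
<?php
// Added example: verifies the PHP version, PDO SQLite and Libsodium
// requirements from the attendee list. Not the workshop's own code.

function check_prerequisites()
{
    $problems = array();

    // 7.2 is preferred, 7.1 is the absolute minimum.
    if (version_compare(PHP_VERSION, '7.1.0', '<')) {
        $problems[] = 'PHP ' . PHP_VERSION . ' is below the 7.1 minimum';
    }

    // Loading the extension is not enough: open a database and run a
    // parameterized statement to prove the driver actually works.
    if (!extension_loaded('pdo_sqlite')) {
        $problems[] = 'pdo_sqlite extension is not loaded';
    } else {
        try {
            $db = new PDO('sqlite::memory:');
            $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            $db->exec('CREATE TABLE t (name TEXT)');
            $stmt = $db->prepare('INSERT INTO t (name) VALUES (:name)');
            // Constructed sample value: bound as data, never parsed as SQL.
            $stmt->execute(array(':name' => "Robert'); DROP TABLE t;--"));
            $rows = (int) $db->query('SELECT COUNT(*) FROM t')->fetchColumn();
            if ($rows !== 1) {
                $problems[] = 'SQLite round trip returned ' . $rows . ' rows';
            }
        } catch (PDOException $e) {
            $problems[] = 'SQLite via PDO failed: ' . $e->getMessage();
        }
    }

    // Libsodium is bundled from 7.2; on 7.1 it must be installed separately.
    if (!function_exists('sodium_crypto_secretbox')) {
        $problems[] = 'Libsodium (sodium_* functions) is not available';
    } else {
        $key   = random_bytes(SODIUM_CRYPTO_SECRETBOX_KEYBYTES);
        $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
        $box   = sodium_crypto_secretbox('preflight', $nonce, $key);
        if (sodium_crypto_secretbox_open($box, $nonce, $key) !== 'preflight') {
            $problems[] = 'Libsodium encrypt/decrypt round trip failed';
        }
    }
    return $problems;
}

$problems = check_prerequisites();
echo $problems ? implode(PHP_EOL, $problems) . PHP_EOL : 'All prerequisites met' . PHP_EOL;
exit($problems ? 1 : 0);
```

A non-zero exit status means at least one requirement is missing, so the same script can gate a Docker image build.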