Teaching PHP with security in mind
School of Computer and Information Science, Edith Cowan University
Computing, Health and Science
School of Computer and Information Science, Centre for Security Research
The PHP server-side scripting language has found significant popularity due to its accessibility, simplicity and affordability. With the deployment of PHP-inclusive web development environments becoming easier, universities have begun to offer units of study in the language. However, students coming from a background of HTML-based web development will often not be adequately prepared to consider the security implications associated with a powerful scripting language. It is important that students are taught to recognise and respond to the security implications of their code from an early stage, as a matter of good programming practice. This paper demonstrates how security teachings can be implemented throughout a PHP-based web development unit, and details four pertinent PHP security issues which can and should be addressed in such a unit.