Australian Information Security Management Conference

Document Type

Conference Proceeding


School of Computer and Information Science, Edith Cowan University, Perth, Western Australia


5th Australian Information Security Management Conference, Edith Cowan University, Perth Western Australia, December 4th 2007.


The PHP server-side scripting language has found significant popularity due to its accessibility, simplicity and affordability. With the deployment of PHP-inclusive web development environments becoming easier, universities have begun to offer units of study in the language. However, students coming from a background of HTML-based web development will often not be adequately prepared to consider the security implications associated with a powerful scripting language. It is important that students are taught to recognise and respond to the security implications of their code from an early stage, as a matter of good programming practice. This paper demonstrates how security teachings can be implemented throughout a PHP-based web development unit, and details four pertinent PHP security issues which can and should be addressed in such a unit.