E-books in Russian and English
( archive, Dec 2005 - May 2007 )
Pro PHP Security
date: 31 January 2006 / author: izograv / views: 1939 / comments: 0

Pro PHP Security by Chris Snyder and Michael Southwell

The Internet is a dangerous place for applications. In fact, it is reasonable to say that you couldn't create a less secure system if you tried. It is anonymous, uncontrolled, always on, and instantly accessible from anywhere. This is a world where every bad actor, cracker, script kiddie, and scam artist is your neighbor, and it is stupendously difficult to deny them access to your front door.

And those are just the human threats. Any one person can control hundreds or thousands of distributed systems by means of scripting and techniques designed for clustered computing. Automated systems that make network requests, sometimes called robots, can be operated legitimately, as in the case of Google indexers or Akamai media proxies, but they can also be put to nefarious ends. Distributed Denial of Service attacks are a crude form of this; more sophisticated robots post advertisements on message boards, index prices across a wide range of e-commerce sites, or hijack processing cycles and bandwidth from other systems. Despite the protection we apply in terms of firewalls and spam filters, the Internet remains a hostile environment.

TCP/IP is insecure by design, and intentionally so. Any system between you and a network server can read and modify the packets you send. In some cases, as with Network Address Translation, they're supposed to. In other cases, firewall content filtering comes to mind, the ability to change the payload of packets lies outside of any specification or guidelines. And the problem isn't limited to modification by intermediaries. Packets can be arbitrarily generated to look as though they come from somewhere else.
In a way, this inherent insecurity is a gift to the talented programmer; it forces you to leave your assumptions behind, and invent creative methods of mitigating threats and recovering from the misuse or abuse of your application. The wise programmer will see this as a benefit, not a hindrance. The lack of an easy fix means that a well-written online application must be robust, resistant to abuse, and easy to change as new threats are discovered. Secure practices must be incorporated at every level: on the system, in the code, and throughout the interface.

In PHP, we have an amazing tool for dealing with this incredibly strange situation. Not only is PHP an extremely flexible and powerful language, but it was written specifically for online applications. It therefore includes a number of features that are designed to protect you from common exploits. Unfortunately, the combination of power and ease of use embodied by the language makes it a prime candidate for misuse, as both people who are new to programming and seasoned coders used to working in a more structured environment make mistakes or assumptions that expose their application, or the systems behind it, to attackers.

We present this book partially as a guide to help you understand the wide variety of ways in which online applications, specifically client and server applications written in (or scripted with) PHP, are vulnerable to attack and misuse. We therefore sometimes discuss secure practices in general, without any particular reference to PHP. More important, however, we also focus on how the PHP programming language can help your efforts at security, and so we aim to provide PHP developers with an everyday toolset of secure coding practices and security-related subsystems that can be used to build secure, or at least manageably secure, applications.