Ilia Alshanetsky posted his talks over the PHP|Tek 2007. The two tutorials took 6 hours of talking, waw ! And it’s quite interesting. One of the tutorials is about Securing PHP Applications (PDF) and include a security roundup for PHP application development. “Security is a road, not a destination!” is self explanatory.
There are some recommendations that I find very useful for example about reducing the number of PHP extension currently installed, also about securing sessions and files and how to protect your scripts from injections, XSS and different kind of exploits. Ilia is author of php|architect’s Guide to PHP Security, an excellent security reference for PHP developer, check it out if you are looking for more detailed PHP security analysis.
