PHP: Vulnerabilities and Solutions

The vulnerabilities are found not only in the programming language syntax and core but also in the coding style of the programmer. It is necessary to welcome good coding practice with security in mind for every programmer and programming language student. In this work, a 5-steps model is proposed that can improve the coding style of the programmers and also help build secure web applications. This paper concentrates on practical implementation of server-side and client-side vulnerabilities and their solutions backed by two web applications developed using PHP. The first web application follows poor programming practice whereas the second web application follows 5-steps model with other recommendations. Both of the web applications were scanned using open source “man-in-the-middle” proxy tool and the outcome showed that following 5-steps model and using latest programming constructs and functions improve the coding practice dramatically and results in a secure web application.