Oracle, the company behind MySQL, has hosted a webinar called “Top 10 MySQL Tips and Mistakes for PHP Developers” and, as the title suggests, it's based on security, aimed at PHP and MySQL developers.
I suggest every developer should watch this and learn from it, because security in web applications is actually easy, just like locking your doors and windows at night is easy but also easily forgotten, especially if you don’t understand the risks. And trust me, the risks are everywhere.
Some of the points raised in the webinar include:
- SQL injection
- Security and access control
- Monitoring for indexing and tuning
- The choice of adequate data types
- Character sets and how your web application speaks UTF8 correctly
- Types of connections and their performance properties
- Planning for tomorrow
Although not all of the bullet points above are actually security-based, they are important and worth listening to.