How to make PHP Secure
SummerLuvSammie
08-25-2007, 04:41 AM
Hi, I'm a bit of a newbie to PHP but I have created a website that successfully uses PHP to connect to a MySQL database and pull out certain information. I have also created an admin login system.
But something none of my books go into detail about is security and how to protect your PHP/database from being hacked.
I just need some advice about security; for example, are there any sure ways of protecting a website?
Many Thanks,
Sam
I'm no expert, but here's my two cents...
There is a book specifically on PHP security. Do a search on Amazon and I'm sure you'll find it. It's short and to the point.
One thing you definitely want to avoid is using any part of a URL or GET or POST variable directly in a database query! Always use a test in your code to make sure that what you are sending to the database is legit. Otherwise, you might be vulnerable to what's called SQL injection.
Another thing to stay away from is using eval on any part of a returned URL, GET, or POST variable. Here again, use a test in your code to make sure that the variable you want to use contains only legit content.
Finally, there are ways to prevent access to directories and files that do not need to be accessible to users. Protect as much information as you can while keeping the site usable. As an example, do a search in this forum for "hide php.ini" (and use the same technique for hiding fastphp.ini).
joe
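The advice in the post above about testing GET/POST values before they reach the database, as an added example that is not part of the thread: the request value is checked against what a legitimate value looks like and then bound as a query parameter instead of being pasted into the SQL string. The `articles` table, its columns and the function names are constructed for illustration, and an in-memory SQLite database stands in for MySQL so the script runs on its own.

```php
<?php
// Added example, not code from the thread. Table, columns and function
// names are hypothetical; the sample inputs below are constructed.
declare(strict_types=1);

// In-memory SQLite stands in for the MySQL database (assumption made so the
// script runs offline). With MySQL only the PDO connection string changes.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT, author TEXT)');
$pdo->exec("INSERT INTO articles (title, author) VALUES ('First post', 'sam'), ('Second post', 'joe')");

/** Look up one article by an id taken from the request; null if invalid or not found. */
function findArticleById(PDO $pdo, $rawId): ?array
{
    // The "test": accept only a positive integer and reject everything else.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }
    // The value is bound as a parameter, never concatenated into the SQL text.
    $stmt = $pdo->prepare('SELECT id, title, author FROM articles WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

/** Free text has no simple shape to test against, so it relies on binding alone. */
function findArticlesByAuthor(PDO $pdo, string $author): array
{
    $stmt = $pdo->prepare('SELECT id, title FROM articles WHERE author = :author');
    $stmt->execute([':author' => $author]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed values standing in for $_GET['id'] and $_GET['author'].
var_dump(findArticleById($pdo, '2'));                   // well-formed id
var_dump(findArticleById($pdo, '2 OR 1=1'));            // not an integer, rejected by the test
var_dump(findArticlesByAuthor($pdo, "x' OR '1'='1"));   // quote characters stay data, not SQL
```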
areidmtm
08-25-2007, 12:22 PM
php|architect's Guide to PHP Security is the best PHP security book that I have ever read. I highly recommend it.
Amazon has it for $21.77. Good luck trying to find this in the stores. I tried everywhere that sold books, no one has it. I had to order it online.
http://www.amazon.com/php-architects-Guide-PHP-Security/dp/0973862106/ref=pd_bbs_sr_1/002-9096644-8432020?ie=UTF8&s=books&qid=1188066002&sr=8-1
Chapter 3 of the book is free to everyone, so take a sneak peek!
http://dev.mysql.com/tech-resources/articles/guide-to-php-security-ch3.pdf
You can get the entire book in PDF but it will cost you more: $34.39.
http://www.phparch.com/shop_product.php?itemid=99
I also recommend signing up for php|architect's magazine. They go over many PHP issues, guides and helps. It's very cool! If you want to get into PHP more, then go for it. Amazon has it for $59.99 for 12 issues.
http://www.amazon.com/Php-Architect/dp/B0000A432X/ref=pd_bbs_sr_1/002-9096644-8432020?ie=UTF8&s=magazines&qid=1188066328&sr=1-1