If your application provides access to confidential information, you need to control access more carefully, employing different security mechanisms protecting your data from unauthorized access and/or modification.
In this chapter, you learned how to build secure PHP/Oracle applications using the security features of both PHP and Oracle in a complementary way. The chapter began with an example of how an easy-to-use authentication mechanism provided by the PEAR::Auth
class could be used with Oracle database security features to secure your PHP/Oracle application. Using techniques discussed in the Securing PHP and Oracle Applications section in this chapter, you will be able to build a simple, yet effective security solution for your PHP/Oracle application, even if you are using Oracle Database Express Edition.
Then we looked at how to use hashing to protect end-user passwords stored in a database table in plain text format and how view-based security techniques could be used to implement...