I was wondering if people could help me understand PHP vulnerabilities, before I begin I explain my situation.
I'm taking a 3rd year computer security course at university (for fun I have already graduated and got a job). The subject includes secure PHP programing. As an assignment we where give some insecure PHP code and asked to fix any vulnerabilities in it. There are lots of simple vulnerabilities like not sanitizing input into databases etc.
I was hope that some of the more experienced PHP hackers (if there are any floating around) could offer advice about more uncommon PHP security vulnerabilities and elegant way to avoid them.
I'm not asking for any to do my assignment (I will never post assignment code) but general advice would be appreciated. Also as part of the assignment we post the fixed code online so other class members can try and break it. So I may (I will ask my lecture before handed) post a url to the site so anyone interested can try and break my script.
(To the forum moderators, if you not cool with this please just delete this post, I don't want to upset anyone)