Secure Development for Mobile Apps: How to Design and Code Secure Mobile Applications with PHP and JavaScript

  • 6h 49m
  • J. D. Glaser
  • CRC Press
  • 2015


  • Describes how to account for security in mobile social applications
  • Illustrates how to apply software design best practices to mobile security
  • Explains how to ensure security through test-driven development
  • Demonstrates how to use process automation to reduce or eliminate mistakes
  • Includes a process template that can be used on any social application project


The world is becoming increasingly mobile. Smartphones and tablets have become more powerful and popular, with many of these devices now containing confidential business, financial, and personal information. This has led to a greater focus on mobile software security. Establishing mobile software security should be of primary concern to every mobile application developer. This book explains how you can create mobile social applications that incorporate security throughout the development process.

Although there are many books that address security issues, most do not explain how to incorporate security into the building process. Secure Development for Mobile Apps does exactly that. Its step-by-step guidance shows you how to integrate security measures into social apps running on mobile platforms. You’ll learn how to design and code apps with security as part of the process and not an afterthought. The author outlines best practices to help you build better, more secure software.

This book provides a comprehensive guide to techniques for secure development practices. It covers PHP security practices and tools, project layout templates, PHP and PDO, PHP encryption, and guidelines for secure session management, form validation, and file uploading. The book also demonstrates how to develop secure mobile apps using the APIs for Google Maps, YouTube, jQuery Mobile, Twitter, and Facebook. While this is not a beginner’s guide to programming, you should have no problem following along if you’ve spent some time developing with PHP and MySQL.

About the Author

J.D. Glaser is a software developer who loves building things. Circumstance led to a career in developing Windows security software and speaking all over the world on Windows forensic matters. He has trained government agencies in forensic issues, and the U.S. Department of Justice has used his tools to capture and convict cybercriminals. He now specializes in building large social games in PHP and keeping players secure in cyberspace.

In this Book

  • Introduction to Mobile Security Development
  • Web Application Attack Surface
  • PHP Security Anti-Patterns
  • PHP Essential Security
  • PHP Security Tools Overview
  • UTF-8 for PHP and MySQL
  • Project Layout Template
  • Separation of Concerns
  • PHP and PDO
  • Template Strategy Patterns
  • Modern PHP Encryption
  • Professional Exception and Error Handling
  • Secure Session Management
  • Secure Session Storage
  • Secure Forms and Account Registration
  • Secure Client Server Form Validation
  • Secure File Uploading
  • Secure JSON Requests
  • Google Maps, YouTube, and jQuery Mobile
  • Twitter Authentication and SSL cURL
  • Secure AJAX Shopping Cart
  • Common Facebook Canvas Vulnerability Points