Can this skill help with user authentication?

It provides standardized patterns for secure password hashing using modern PHP functions and secure session management to prevent hijacking.

Is the code provided compatible with modern PHP versions?

The patterns utilize modern PHP features like strict typing and filter_var, making them ideal for PHP 7.4 through PHP 8.x environments.

Does it provide patterns for handling user-generated content safely?

Yes, it includes context-specific escaping functions for HTML, JavaScript, and URL attributes to mitigate Cross-Site Scripting (XSS) risks.

How does this skill help prevent SQL injection?

The skill guides the implementation of PDO prepared statements and parameter binding, ensuring user input is never directly interpolated into SQL queries.

PHP Security Patterns

Name: PHP Security Patterns
Author: TheBushidoCollective

byTheBushidoCollective

•

安全与测试

Implements robust security patterns in PHP applications to protect against common vulnerabilities like SQL injection, XSS, and CSRF.

This skill provides Claude with expert-level guidance on building secure PHP applications through industry-standard defense-in-depth strategies. It covers critical security domains including strict input validation, prepared statements using PDO to eliminate SQL injection, and context-aware output encoding to prevent XSS. By integrating these patterns, developers can ensure their PHP codebases follow ethical and professional security standards for handling sensitive data, authentication, and session management.

主要功能

01Context-aware output encoding for cross-site scripting (XSS) protection

0272 GitHub stars

03CSRF protection and Content Security Policy (CSP) integration

04Secure password hashing and session management implementations

05Comprehensive input validation and sanitization routines

06SQL injection prevention using PDO prepared statements

使用场景

01Hardening legacy PHP applications against modern security threats

02Implementing safe database interaction patterns for data-intensive web apps

03Building secure user authentication and registration systems

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add thebushidocollective/han php-security-patterns

For use in Claude.ai and ChatGPT

Download Skill