FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » query: how many use PHP for linux scripts
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: query: how many use PHP for linux scripts [message #185949 is a reply to message #185944] Thu, 15 May 2014 12:08 Go to previous messageGo to previous message
Jerry Stuckle is currently offline  Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
Senior Member
On 5/15/2014 4:07 AM, crankypuss wrote:
> On 05/14/2014 01:54 PM, JEDIDIAH wrote:
>> On the other hand, PHP has gained itself a reputation for being
>> the modern day equivalent of Sendmail or BIND in terms of being a
>> security disaster.
>
> I think that's mostly because of builtin session support and its
> tendency to be used for mySQL queries that occur clear-text in the url.

I have to disagree here. Languages are neither secure nor insecure.
Programs are, though.

I think it's more because there are too many people like TNP who call
themselves "programmers" but have no business being near a computer.
PHP is a relatively easy language to learn, but like any language, you
have to know what you're doing to write secure code. Too many people
stop learning before they get to that point.

That's a great part of what quality control and testing is about - not
only feeding the code good input to ensure it responds correctly, but
also feeding it bad input to ensure the code rejects it properly.

But way too many people only check responses to "good" data, and don't
ensure "bad" data is properly rejected. The result is things like SQL
injection and other security issues.

--
==================
Remove the "x" from my email address
Jerry Stuckle
jstucklex(at)attglobal(dot)net
==================
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: How to get the POST name of a field in a form that uses a counter
Next Topic: PHP-SOAP/5.4.21 SoapClient terminating POST without waiting for reply, but still complaining "error fetching http headers".
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sat Nov 30 11:59:28 GMT 2024

Total time taken to generate the page: 0.04368 seconds