| Re: Adding a record to a database [message #175146 is a reply to message #175140] |
Tue, 16 August 2011 21:24  |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 8/16/2011 4:13 PM, sheldonlg wrote:
> On 8/15/2011 9:50 PM, Jerry Stuckle wrote:
<snip>
>> Which is about as insecure as you can get. I hope this isn't how you're
>> coding for your "Fortune 500" company. If so, I pity them.
>
> What part of "Besides all the excellent advice already given to you"
> didn't you understand? I was only addressing that it is $_POST, not push.
>
> As to the other part, no, I don't. However, even if I did, it wouldn't
> be much of a big deal as all that coding is for an intranet behind a
> very secure firewall.
>
And you NEVER have any problems behind a "very secure firewall"? Let me
clue you, Sheldon - the most common hacks still come from internal
sources - disgruntled employees, etc. - behind your "secure firewall".
You just don't hear about them because the companies don't broadcast why
they fired someone (unless it's a very big hack). And ANY security
professional will tell you to NEVER depend on just one layer of security
- always build multiple layers into the system.
Just because it's behind "a very secure firewall" is NOT a reason to
ignore standard security practices!
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]