You are here: Re: [PHP] Issues with News sites again... « PHP « IT news, forums, messages
Re: [PHP] Issues with News sites again...

Posted by John Nichel on 09/14/05 18:07

Jay Blanchard wrote:
> [snip]
> I would be very worried about the quality of any reply that posts a link
> that says the opposite of what the person is saying. Nowhere in that link
> did I see them say that turning on the globals was a security issue. The
> page said the misuse of the globals was the security risk due to forgetting
> to initialize variables and then goes on to show examples of the issue risks
>
> if the globals aren't properly initialized. The security issues fall on the
> web designer not the ISP or PHP, ISP and PHP doesn't control if I forget to
> initialize something in my PHP scripts. The first two paragraphs even state
> that it is a web designer's problem (not in so many words though).
> [/snip]
>
>
> At the risk of starting another globals holy war, the reply that you

Trouble maker.

> received was a generalization that reflects the potential (<---- NOTE THAT)
> security risks from having register globals 'on'. The poster was essentially
> correct, misuse of globals opens up a whole can of potential security
> issues. I will refer you to several good PHP security resources at
> http://www.shiflett.org

At the risk of inflating Chris' ego, I second that referal. ;)

--
John C. Nichel
ÜberGeek
KegWorks.com
716.856.9675
john@kegworks.com

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация