Posted by Chung Leong on 02/25/06 20:01
Peter Fox wrote:
> You're right to be concerned but going about it the wrong way.
>
> *You* need to be the one dealing with the security. *You* need to
> _understand_ the threats before you can deal with them. There are
> plenty of on-line resources on PHP/MySQL and security to deal with the
> protection /mechanisms/ ...
> ...but only you can understand the /context/ in order to build a
> security model. Only you can list the bad things that could happen in
> order to deal with them in depth.
One can hardly rely on programmers to write 100% secure--or for that
matter, functional--code. It's a good idea to have a second pair of
eyes to look for potential issues. The notion that someone would do
this for free is, of course, completely absurd. It's as though SQA is
not a real profession.