Writing secure PHP is also known as “Never, ever, ever, under any circumstances trust your users.” Luckily, in his two part (so far) series on securing PHP, Dave Child of ILoveJackDaniels.com elaborates much more on this point.
PHP is a very easy language to learn, and many people without any sort of background in programming learn it as a way to add interactivity to their web sites. Unfortunately, that often means PHP programmers, especially those newer to web development, are unaware of the potential security risks their web applications can contain. Here are a few of the more common security problems and how to avoid them.
His examination should be especially handy for a beginner as well as for any more advanced PHP programmer who might have forgotten to be paranoid.
Fine. You win on a technicality. :)
Thanks Nicole!
And to be picky, the text of the link and some typing got me somewhere, but the actual broken link, which is specifically what I was talking about, gets us nowhere. ;-)
Well, since you already knew that it should end with ‘.com’, I’m sure it got you _somewhere_. Either way, the link is now fixed.
Your link is busted; add a .com to ilovejackdaniels
Because “http://ilovejackdaniels/” will get us nowhere.
Couldn’t agree more.
I read (andpostedon) this as well.