I'm writing a paper on examples of bad PHP code that has lead to vulnerabilities (& exploitation).
The aim is to vividly illustrate what coders should avoid when putting together PHP code - using examples of real-world deployments that have gone wrong (hi wordpress addons) and how they can be attacked, leading to XSS/sql injection/code exec/etc This comes about from seeing far too many blatantly obvious issues turning up when I'm browsing the web - and a lot of developers still don't care! If the paper turns out to be of any value, I'd like to turn it into a chat/presentation... Is anyone keen to have a look through the early stages and make constructive criticism ?? --~--~---------~--~----~------------~-------~--~----~ NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [email protected] -~----------~----~----~----~------~----~------~--~---
