Hello,
I' m currently working with the PHPDOC team on maintaining and keeping up-to-date the PHP manual. I proposed in the PHPDOC list to include some information about database security issues. It aims to be an introduction into the very basics of how to access and manipulate databases within PHP scripts. (the SQL injection was that started up this idea.) If you have any spare time to write a short paragraph or expose a commonly used bad practise which can be hascked easily or knowing a site or page that's worth reading it, please let me know! I hope you may share your valuable knowledge about this topic, because I'm not a security professional who has been around a very lot (but not a newbie). I' m about to gather as much information as possible to formulate the startings. As an ex member of this mailing list I expect your proposals, but please note that the primary goal of this article will be an overview about how to use _any database_ in a _web based_ application what to allow and what to resist, not specifically PostgreSQL. However I'm happy to receive such information, too. (I've personally never used anything else but postgres :)) If a reasonable amount of tips and hints were received related to postgres, then a database specific section would be opened in the PHP manual, too. Best regards, -- Gyozo Papp - [EMAIL PROTECTED] PS please CC me your replies! ---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster
