Re: [PHP] Re: security/sql issues with php

2005-09-21 Thread Greg Schnippel
have you tried googling on +"application framework" +php..
that seems like what you're looking for and several of these projects are
"commercial-grade" and open source.
i use dbasis as my application framework and highly recommend it -- it's a
component of the syntaxCMS project. i have also used blueshoes and mambo
before on other sites
here's an o'reilly article to get you started
http://www.oreillynet.com/pub/wlg/6029
- schnippy

On 9/21/05, bruce <[EMAIL PROTECTED]> wrote:
>
> i would have thought (perhaps wrongly) that someone would have created a
> series of functions/routines and wrapped them in a package/lib to deal with
> the security issues that i've raised!!
>
> but i have to tell you. i've looked at some open source classes/apps that
> aren't that strong. in fact, some simply have no real checks on the data
> types/structure of the data being inserted into the db at all...
>
> and aaron, your app is a commercial app. for now, we're looking in the open
> source area where we can get to the underlying source.
>
> -bruce
>
>
> -Original Message-
> From: Aaron Greenspan [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, September 21, 2005 7:18 AM
> To: php-general@lists.php.net
> Subject: [PHP] Re: security/sql issues with php
>
>
> Bruce,
>
> If you're looking for commercial-grade open-source packages, I think
> you're going to have a pretty hard time finding much. Most
> commercial-grade software is...commercial. The truly robust open-source
> packages, i.e. Mozilla, MySQL, JBoss, BerkeleyDB, etc., are backed by
> some sort of commercial, or at the very least, corporate, entity. The
> rest, more often than not, are not commercial-grade; the support
> structures that companies require just don't exist for those packages.
>
> I've offered to help you before via our commercial framework, Lampshade,
> which handles I'd say 98% of everything you want, and can be easily
> customized or added to in order to handle the remaining 2%. It's not
> open-source, but it also doesn't need to be since the documentation is
> so extensive. It's used in applications for all sorts of organizations
> from Harvard University to companies traded on the NYSE. There may be
> other open frameworks that are used just as widely--I would venture to
> guess phpNuke and the-CMS-formerly-known-as-Mambo--but as you've
> discovered, they don't do half of the things you'd like to see all in
> one place. Also, Mambo's political machinations are a good example of
> what you don't want to see in a commercial-grade product.
>
> If you want to keep searching, I suppose no one's going to stop you. I'm
> just afraid it's not out there. Anyone, correct me if I'm wrong.
>
> Best of luck,
>
> Aaron
>
> Aaron Greenspan
> President & CEO
> Think Computer Corporation
>
> http://www.thinkcomputer.com
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php


RE: [PHP] Re: security/sql issues with php

2005-09-21 Thread bruce
i would have thought (perhaps wrongly) that someone would have created a
series of functions/routines and wrapped them in a package/lib to deal with
the security issues that i've raised!!

but i have to tell you. i've looked at some open source classes/apps that
aren't that strong. in fact, some simply have no real checks on the data
types/structure of the data being inserted into the db at all...

and aaron, your app is a commercial app. for now, we're looking in the open
source area where we can get to the underlying source.

-bruce


-Original Message-
From: Aaron Greenspan [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 21, 2005 7:18 AM
To: php-general@lists.php.net
Subject: [PHP] Re: security/sql issues with php


Bruce,

If you're looking for commercial-grade open-source packages, I think
you're going to have a pretty hard time finding much. Most
commercial-grade software is...commercial. The truly robust open-source
packages, i.e. Mozilla, MySQL, JBoss, BerkeleyDB, etc., are backed by
some sort of commercial, or at the very least, corporate, entity. The
rest, more often than not, are not commercial-grade; the support
structures that companies require just don't exist for those packages.

I've offered to help you before via our commercial framework, Lampshade,
which handles I'd say 98% of everything you want, and can be easily
customized or added to in order to handle the remaining 2%. It's not
open-source, but it also doesn't need to be since the documentation is
so extensive. It's used in applications for all sorts of organizations
from Harvard University to companies traded on the NYSE. There may be
other open frameworks that are used just as widely--I would venture to
guess phpNuke and the-CMS-formerly-known-as-Mambo--but as you've
discovered, they don't do half of the things you'd like to see all in
one place. Also, Mambo's political machinations are a good example of
what you don't want to see in a commercial-grade product.

If you want to keep searching, I suppose no one's going to stop you. I'm
just afraid it's not out there. Anyone, correct me if I'm wrong.

Best of luck,

Aaron

Aaron Greenspan
President & CEO
Think Computer Corporation

http://www.thinkcomputer.com




[PHP] Re: security/sql issues with php

2005-09-21 Thread Aaron Greenspan

Bruce,

If you're looking for commercial-grade open-source packages, I think 
you're going to have a pretty hard time finding much. Most 
commercial-grade software is...commercial. The truly robust open-source 
packages, i.e. Mozilla, MySQL, JBoss, BerkeleyDB, etc., are backed by 
some sort of commercial, or at the very least, corporate, entity. The 
rest, more often than not, are not commercial-grade; the support 
structures that companies require just don't exist for those packages.


I've offered to help you before via our commercial framework, Lampshade, 
which handles I'd say 98% of everything you want, and can be easily 
customized or added to in order to handle the remaining 2%. It's not 
open-source, but it also doesn't need to be since the documentation is 
so extensive. It's used in applications for all sorts of organizations 
from Harvard University to companies traded on the NYSE. There may be 
other open frameworks that are used just as widely--I would venture to 
guess phpNuke and the-CMS-formerly-known-as-Mambo--but as you've 
discovered, they don't do half of the things you'd like to see all in 
one place. Also, Mambo's political machinations are a good example of 
what you don't want to see in a commercial-grade product.


If you want to keep searching, I suppose no one's going to stop you. I'm 
just afraid it's not out there. Anyone, correct me if I'm wrong.


Best of luck,

Aaron

Aaron Greenspan
President & CEO
Think Computer Corporation

http://www.thinkcomputer.com
