Hi All,
If you would like to download the presentation you can find it here:
http://www.zend.com/webinar
Reg.,
Lasitha
-Original Message-
From: Chris [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 30, 2007 11:14 AM
To: Lasitha Alawatta
Cc: php-db@lists.php.net
Subject: Re: [PHP-DB
Hi All,
PHP Security Basics - Must-Knows for Everyone
Presenter: John Coggeshall, Zend Solutions Consultant Target audience:
Anyone who believes Security is important in Web Application development
and deployment
Duration: 45 minutes, including QA
Security is not just important when
Lasitha Alawatta wrote:
Hi All,
“PHP Security Basics - Must-Knows for Everyone”
Presenter: John Coggeshall, Zend Solutions Consultant Target audience:
Anyone who believes Security is important in Web Application development
and deployment
Duration: 45 minutes, including QA
Hi all!
One can see in every php manual and install hint, that you have to
consider security issues if you install php as a CGI, but I cannot
really imagine what this means.
What security issues?
Can someone tell me an example, what can happen?
Best regards,
Gabor
--
PHP Database Mailing
OK, so I was really bored today and started reading through some PHP
security stuff starting with the php.ini-recommended and found the register
globals off stuff. So you don't have to find it yourself, here's a direct
lift from the file:
; This is the recommended, PHP 4-style version of the
I understand that this applies to data put into a form to be submitted to
a
database (or another page, I guess), but does it also apply to
variable/value pairs passed along the URL from a hyperlink (a
href=foo/bar.php?thisVar=thisValClick here./a)? I couldn't quite get
it
from the
Thanks, Adam. All clear now.
Rich
-Original Message-
From: Adam Alkins [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 10, 2002 4:28 PM
To: [EMAIL PROTECTED]
Subject: Re: [PHP-DB] PHP Security and Code Design
I understand that this applies to data put into a form to be submitted
moreover , even if they cant see the text of the page, Your password is
going over the internet in plain text.
-Original Message-
From: Don [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 20, 2001 7:24 PM
To: php-db list
Subject: [PHP-DB] PHP security
I am writing aome PHP
But if the database is on another machine then the password is sent as plain
text over the internet, no?
-Original Message-
From: Ben Cairns [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 21, 2001 10:06 AM
To: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] PHP security
Anything
Addressed to: "s.budd" [EMAIL PROTECTED]
[EMAIL PROTECTED]
** Reply to note from "s.budd" [EMAIL PROTECTED] Wed, 21 Feb 2001 10:03:33 -
But if the database is on another machine then the password is sent as plain
text over the internet, no?
No. MySQL encrypts the password
February 2001 19:51
To: Don; php-db list
Subject: Re: [PHP-DB] PHP security
As far as I know, you can not download PHP programs without access to
download them. Meaning you need an account on the webserver, so they would
need your account user and pass before they could steal your mysql user and
pass. I
At 01:50 PM 2/20/2001 -0600, you wrote:
As far as I know, you can not download PHP programs without access to
download them. Meaning you need an account on the webserver, so they would
need your account user and pass before they could steal your mysql user and
pass.
The main issue is that
12 matches
Mail list logo
