Re: [uug] Fwd: recommendations on book to buy, please

Wed, 26 Feb 2003 12:03:28 -0800

i don't know enough about PHP to know what "dynamic function call is." can you explain that in a paragraph so that i'll know when i come across it?

thank you.

On Wednesday, February 26, 2003, at 12:54 PM, Tim Blalock wrote:

Just make sure that you don't use dynamic function calls, that is a rather
large security hole. Other than that I don't think there is a problem.
Tim Blalock
[EMAIL PROTECTED]


-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Wade Preston Shearer
Sent: Wednesday, February 26, 2003 11:58 AM
To: [EMAIL PROTECTED]
Subject: Re: [uug] Fwd: recommendations on book to buy, please


i'd like some expounding on this as well...

do i need worry about security if i'm not doing anything secure or any
credit card stuff?

if i'm just using php to display dynamic content in templates, are
there big
security issues that i need to consider?


On Wednesday, February 26, 2003, at 10:10 AM, Dan Reese wrote:

Care to elaborate any?  Either on the list or in an article?  I'm
curious
since I'm considering designing my own site.
--Dan

<snip>
O'Reily's _Programming PHP_ is a great general purpose PHP book.
However,
I have yet to find a book that will endow you with knowledge necesary
to
produce "safe" PHP web-sites. If you don't look into this first, you
will
most definitely have security holes when you build your first PHP site
(which is why we redid the UUG site). X-site scripting is the biggest
problem.

--Dave


--
http://www.fastmail.fm - Email service worth paying for. Try it for
free

____________________
BYU Unix Users Group
http://uug.byu.edu/
___________________________________________________________________
List Info: http://phantom.byu.edu/cgi-bin/mailman/listinfo/uug-list



____________________
BYU Unix Users Group
http://uug.byu.edu/
___________________________________________________________________
List Info: http://phantom.byu.edu/cgi-bin/mailman/listinfo/uug-list


____________________
BYU Unix Users Group
http://uug.byu.edu/
___________________________________________________________________
List Info: http://phantom.byu.edu/cgi-bin/mailman/listinfo/uug-list



____________________
BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________
List Info: http://phantom.byu.edu/cgi-bin/mailman/listinfo/uug-list

Reply via email to