Re: [PHP] Re: php security books

2007-07-06 Thread Chris Shiflett
Andrew Hutchings wrote: I prefer prepared statements and would use them all the time if it wasn't for the fact that those queries aren't cached until recent versions of MySQL 5.1 Use PDO. It emulates prepared statements and doesn't avoid the query cache:
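The trade-off Shiflett is pointing at, as an added example that is not part of the thread: with PDO's default emulation (PDO::ATTR_EMULATE_PREPARES on, as pdo_mysql ships) the driver quotes bound values client-side and sends one ordinary SQL string, so the statement is still eligible for the MySQL query cache; turning emulation off hands the statement to MySQL's server-side prepare path, which is what the thread says the cache skipped on older servers. The DSN, credentials, table and column names below are placeholders; the point is the bound parameter beside the vulnerable interpolation it replaces.

```php
<?php
// Added example, not from the mailing-list thread. DSN, credentials and the
// "users" table are assumptions for illustration.
declare(strict_types=1);

function connect(bool $emulate): PDO
{
    // charset in the DSN matters when emulating: PDO escapes values client-side
    // according to the connection charset, so the two must agree.
    return new PDO(
        'mysql:host=localhost;dbname=app;charset=utf8mb4',
        'app_user',
        'app_password',
        [
            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
            PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
            // true: PDO builds the final SQL text itself (query-cacheable).
            // false: MySQL server-side prepared statement.
            PDO::ATTR_EMULATE_PREPARES => $emulate,
        ]
    );
}

// Vulnerable form: user input is interpolated into the SQL string.
// "' OR '1'='1" as $username turns the WHERE clause into a tautology.
function findUserVulnerable(PDO $pdo, string $username): array
{
    $sql = "SELECT id, username FROM users WHERE username = '$username'";
    return $pdo->query($sql)->fetchAll();
}

// Hardened form: the value is bound, never spliced into the statement text.
// Under emulation PDO quotes it; under native prepares it travels as data.
function findUser(PDO $pdo, string $username): array
{
    $stmt = $pdo->prepare(
        'SELECT id, username FROM users WHERE username = :username'
    );
    $stmt->execute([':username' => $username]);
    return $stmt->fetchAll();
}

$pdo = connect(true); // emulated prepares, same behaviour as the default

$hostile = "' OR '1'='1";
// findUserVulnerable($pdo, $hostile) would match every row;
// findUser($pdo, $hostile) looks for a user literally named ' OR '1'='1.
var_dump(findUser($pdo, $hostile));
```

Either setting stops the injection, since the hostile string is only ever a value; the emulation flag decides how the statement reaches the server, not whether it is safe. The one caveat specific to the emulated path is the charset note in connect(): if PDO escapes for a different charset than the connection actually uses, client-side quoting can be bypassed with some multibyte encodings, so set it in the DSN rather than with a later SET NAMES.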

Re: [PHP] Re: php security books

2007-07-05 Thread tedd
At 11:23 AM -0400 7/4/07, Andrew Hutchings wrote: In article [EMAIL PROTECTED] [EMAIL PROTECTED](Mark Kelly) wrote: Hi. On Wednesday 04 July 2007 13:01, Andrew Hutchings wrote: Avoid the O'Reilly one as it is flawed. In what way? It's written by Chris Shiflett, isn't that

Re: [PHP] Re: php security books

2007-07-05 Thread Chris Shiflett
Andrew Hutchings wrote: Avoid the O'Reilly one as it is flawed. Hollow claims are disrespectful and harmful to professional discourse. Perhaps you are motivated to persuade others that this is true and will do so at any cost, even if it means spreading misinformation. I'm aware of one person who

[PHP] Re: php security books

2007-07-04 Thread Andrew Hutchings
In article [EMAIL PROTECTED] [EMAIL PROTECTED](Ross) wrote: http://amazon.co.uk/s/ref=nb_ss_w_h_/203-1671317-2810350?initialSearch =1url=search-alias%3Dapsfield-keywords=php+securityGo.x=0Go.y=0Go =Go looking at the top 3 on the list here, personally I quite like the O'Reilly books.

Re: [PHP] Re: php security books

2007-07-04 Thread Mark Kelly
Hi. On Wednesday 04 July 2007 13:01, Andrew Hutchings wrote: Avoid the O'Reilly one as it is flawed. In what way? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: php security books

2007-07-04 Thread Andrew Hutchings
In article [EMAIL PROTECTED] [EMAIL PROTECTED](Mark Kelly) wrote: Hi. On Wednesday 04 July 2007 13:01, Andrew Hutchings wrote: Avoid the O'Reilly one as it is flawed. In what way? It's written by Chris Shiflett, isn't that enough reason? -- Andrew Hutchings - LinuxJedi -

Re: [PHP] Re: php security books

2007-07-04 Thread Robert Cummings
On Wed, 2007-07-04 at 11:23 -0400, Andrew Hutchings wrote: In article [EMAIL PROTECTED] [EMAIL PROTECTED](Mark Kelly) wrote: Hi. On Wednesday 04 July 2007 13:01, Andrew Hutchings wrote: Avoid the O'Reilly one as it is flawed. In what way? It's written by Chris Shiflett,

Re: [PHP] Re: php security books

2007-07-04 Thread Stut
Andrew Hutchings wrote: In article [EMAIL PROTECTED] [EMAIL PROTECTED](Mark Kelly) wrote: Hi. On Wednesday 04 July 2007 13:01, Andrew Hutchings wrote: Avoid the O'Reilly one as it is flawed. In what way? It's written by Chris Shiflett, isn't that enough reason? There's no need

Re: [PHP] Re: php security books

2007-07-04 Thread Nathan Nobbe
this is getting good; i want to know why it's *flawed* now too. no pressure :) -nathan On 7/4/07, Stut [EMAIL PROTECTED] wrote: Andrew Hutchings wrote: In article [EMAIL PROTECTED] [EMAIL PROTECTED](Mark Kelly) wrote: Hi. On Wednesday 04 July 2007 13:01, Andrew Hutchings wrote:

Re: [PHP] Re: php security books

2007-07-04 Thread Andrew Hutchings
In article [EMAIL PROTECTED]quickshift [EMAIL PROTECTED] (Nathan Nobbe) wrote: this is getting good; i want to know why it's

Re: [PHP] Re: php security books

2007-07-04 Thread Jochem Maas
Andrew Hutchings wrote: In article [EMAIL PROTECTED]quickshift [EMAIL PROTECTED] (Nathan Nobbe) wrote: this is getting

Re[2]: [PHP] Re: php security books

2007-07-04 Thread Richard Davey
Hi Andrew, Wednesday, July 4, 2007, 4:23:38 PM, you wrote: Avoid the O'Reilly one as it is flawed. In what way? It's written by Chris Shiflett, isn't that enough reason? No, not really. The errata are clearly published online, and while you could argue that some of them shouldn't have

RE: [PHP] Re: php security books

2007-07-04 Thread bruce
files be accessed by this user... so.. i ask again.. are you sure about this.. -Original Message- From: Andrew Hutchings [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 04, 2007 10:39 AM To: php-general@lists.php.net Subject: Re: [PHP] Re: php security books In article [EMAIL PROTECTED

Re: RE: [PHP] Re: php security books

2007-07-04 Thread Nathan Nobbe
the root user issue aside, i still dedicate a separate file in /var/log for my php apps. -nathan On 7/4/07, Andrew Hutchings [EMAIL PROTECTED] wrote: In article [EMAIL PROTECTED][EMAIL PROTECTED] (bruce) wrote: andrew... are you sure about this... i would have thought that if you have

Re: RE: [PHP] Re: php security books

2007-07-04 Thread Andrew Hutchings
In article [EMAIL PROTECTED][EMAIL PROTECTED] (bruce) wrote: andrew... are you sure about this... i would have thought that if you have an apache user 'apache' and allow php to be run as/by 'apache' then this would provide complete access to anything php needs to do as 'apache'. Logging

Re: RE: [PHP] Re: php security books

2007-07-04 Thread Andrew Hutchings
In article [EMAIL PROTECTED]quickshifti [EMAIL PROTECTED] (Nathan Nobbe) wrote: the root user issue aside, i still dedicate a separate file

Re: Re[2]: [PHP] Re: php security books

2007-07-04 Thread Andrew Hutchings
In article [EMAIL PROTECTED] [EMAIL PROTECTED](Richard Davey) wrote: Hi Andrew, Wednesday, July 4, 2007, 4:23:38 PM, you wrote: Avoid the O'Reilly one as it is flawed. In what way? It's written by Chris Shiflett, isn't that enough reason? No, not really. The errata are

Re: [PHP] Re: php security books

2007-07-04 Thread Mario Guenterberg
On Wed, Jul 04, 2007 at 11:36:06AM -0700, bruce wrote: andrew... are you sure about this... i would have thought that if you have an apache user 'apache' and allow php to be run as/by 'apache' then this would provide complete access to anything php needs to do as 'apache'. this should

Re[4]: [PHP] Re: php security books

2007-07-04 Thread Richard Davey
Hi Andrew, Wednesday, July 4, 2007, 8:29:51 PM, you wrote: I have no doubt he is a great bloke and a great public speaker / PR for PHP application level security, I apologise if it sounded like FUDing (why does that sound dirty?). I just don't like / agree with his book or some of the

Re: Re[4]: [PHP] Re: php security books

2007-07-04 Thread Andrew Hutchings
In article [EMAIL PROTECTED] [EMAIL PROTECTED](Richard Davey) wrote: I actually agree with you about Ilia's book, it is the best of the three available (the Pro PHP Security one is certainly the worst), although there are areas where even Ilia basically shrugs his shoulders in the text and