Just my recommendation, you always have to pay for quality, either a one-off for high quality, or continuous bills for poor quality.
Stephen From: David Gelvin [mailto:[email protected]] Sent: Tuesday, June 07, 2011 11:22 AM To: Uganda Linux User Group Subject: Re: [LUG] CIT Makerere website hacked Just a bit of advice for any web programmers: Use a mature web framework (something like django). There is absolutely no reason to write php scripts embedded with all sorts of raw SQL. Not only will using a framwork prevent these vulnerabilities (as every decent framework will automatically clean all your inputs for you) it will help you write much cleaner, well designed code with your URLs separate from your logic, which is separate from your templates, etc... On Tue, Jun 7, 2011 at 11:01 AM, Victor van Reijswoud <[email protected]> wrote: Yes, it is and good learning point. The damage is bigger for the ego than for the site. On Tue, Jun 7, 2011 at 10:21 AM, James <[email protected]> wrote: This is any web administrator nightmare On Tue, Jun 7, 2011 at 8:08 AM, Otandeka Simon Peter <[email protected]> wrote: Makerere University College of CIT's site gets hacked. <http://t.co/dDV0zUx> http://t.co/dDV0zUx or go to http://cit.mak.ac.ug/prospective.php In case it has been pulled down, see the attachment. Kind regards, Peter. _______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way. -- U can give without loving but you can never truly love withouit giving _______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way. _______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
_______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
