Lorenzo Hernandez Garcia-Hierro wrote:
Now as you know I am working in the NRG branch. The new branch has the concept of running the code without the insecure-inefficient register_globals = On option.
This is very good news, this thing *had* to be done, thanks for doing that grunt work! :)
Now if PHP had something like input tainting... I'm not a PHP wizard, but is there some systematic way of looking for potential SQL injections or cross-site scripting issues?
