Just make sure that you don't use dynamic function calls, that is a rather large security hole. Other than that I don't think there is a problem. Tim Blalock [EMAIL PROTECTED]
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Wade Preston Shearer Sent: Wednesday, February 26, 2003 11:58 AM To: [EMAIL PROTECTED] Subject: Re: [uug] Fwd: recommendations on book to buy, please i'd like some expounding on this as well... do i need worry about security if i'm not doing anything secure or any credit card stuff? if i'm just using php to display dynamic content in templates, are there big security issues that i need to consider? On Wednesday, February 26, 2003, at 10:10 AM, Dan Reese wrote: > Care to elaborate any? Either on the list or in an article? I'm > curious > since I'm considering designing my own site. > --Dan > >> <snip> >> O'Reily's _Programming PHP_ is a great general purpose PHP book. >> However, >> I have yet to find a book that will endow you with knowledge necesary >> to >> produce "safe" PHP web-sites. If you don't look into this first, you >> will >> most definitely have security holes when you build your first PHP site >> (which is why we redid the UUG site). X-site scripting is the biggest >> problem. >> >> --Dave >> > > -- > http://www.fastmail.fm - Email service worth paying for. Try it for > free > > ____________________ > BYU Unix Users Group > http://uug.byu.edu/ > ___________________________________________________________________ > List Info: http://phantom.byu.edu/cgi-bin/mailman/listinfo/uug-list > ____________________ BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________ List Info: http://phantom.byu.edu/cgi-bin/mailman/listinfo/uug-list ____________________ BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________ List Info: http://phantom.byu.edu/cgi-bin/mailman/listinfo/uug-list
