On Mon, 02 May 2005, Thijs Kinkhorst wrote: > Your viewpoint requires shell access for webmasters and that creates extra
Why? It is not too difficult to make your PHP scripts use ../include/foo for their includes, and that is all it takes to get the crap out of the exported tree. > dependencies many of the more affordable webhosts do not offer. As many > good PHP applications show, it's perfectly well possible to meet the > upload-only requirement in a sane manner. There is *no* such a thing. good application != functional application, the requirements are much, much higher. And at least sane error handling, sane memory and resource consumption, and above all, sane interfaces to other systems (ever took a look on the php4 LDAP module?) are required in my book. > There are always applications that are dangerous to install, but they > would of course not adhere to good design practice in the first place. The real problem is that too much web applications suffer for the most idiotic, error-prone, dangerous programming practices we know of, and PHP applications are a huge chunk of those. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
