On Sat, 2006-04-08 at 21:34 -0700, Marc Shapiro wrote: > I recently installed php4 (4.3.10-16) since I am about to bite the > bullet and pay for hosting of my web-site and the hosting service > (1&1.com) only allows php3, php4, or php5 with its least expensive > service. I am now going to teach myself php so that I can make use of > the service if need be. I keep seeing posts, however, about security > issues with "badly written" php scripts. Can someone point me to some > info explaining what the security issues are so that I don't end up > writing scripts that will be a security risk.
I think a PHP mailing list would be the appropriate place for this question, not debian-user. For secure programming tips, go to google, type in "writing secure php" and click "I'm feeling lucky." If you have to learn a language, you might want to think about using python-hosting.com or some other place that supports Django (http://djangoproject.com) and RubyOnRails (http://rubyonrails.org) as well as PHP. IMHO, PHP is one of the uglier languages out there. These two frameworks are written in much more beautiful/powerful languages (python and ruby, respectively), and take care of a lot of the tedium involved in developing web apps - Django especially. -davidc -- gpg-key: http://www.zettazebra.com/files/key.gpg
signature.asc
Description: This is a digitally signed message part
