Chris Shiflett wrote:
>
> These are just some ideas, mind you. Many people (you sound like such a
> person) can develop their applications quite securely once they can step
> back and see the big picture and follow a few general guidelines, such
> as not trusting data from the client. In this case, the data from the
> client is like a driver's license, and rather than just use the license
> number, we're also checking their photograph and other personal
> information, so that an imposter has a more difficult time. :)
>
Thanks a lot! We have actually decided to use the fact that
Register_globals
off will end up paralyzing our legacy stuff to write a core object
system that
will be shared among all of our customers and have security built in at
very low level. So you actually did help in projecting a number of sites
security by answering to my annoying questions :)) I made sure you got
credited for this on the source docs.
Thanks again :)
Alberto
Kiev
--
@-_=}{=_-@-_=}{=_-@-_=}{=_-@-_=}{=_-@-_=}{=_-@-_=}{=_-@-_=}{=_-@
LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu?
lOrD i'M sHiNiNg...
YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is
tHe TeSt, YeS iT iS
ThE tEsT, yEs It Is.......
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
