WebApp Sec mailing list archives

Re: Languages/platforms used for Web apps. Any stats?


From: Ben Sytko <bsytko () gmail com>
Date: Sat, 25 Jun 2005 11:05:31 -0400

One of the problems here also is that it's possible with PHP to make
insecure programs that run just fine. You can code away for days with
a seemingly great working program, but if you don't take the precautions
to prevent attacks, it's a recipe for disaster. As others have said,
it's about knowing where the security risks are, and taking the steps
to prevent them. Using htmlentities() is a good step to help prevent
XSS, and being sure to turn off register_globals helps as well.

And Andrew, in PHP5, there is a new error flag, E_STRICT, which throws
warnings when you use deprecated functions. See:

http://us2.php.net/manual/en/ref.errorfunc.php#errorfunc.constants

-Ben
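
An added example, not code from the original post, showing the two precautions Ben mentions in PHP: escaping output with htmlentities() and the danger of register_globals. The parameter names (name, password, authorized) and the password check are made up for illustration. register_globals itself was removed in PHP 5.4, so extract() is used here only as a stand-in that reproduces its effect.

```php
<?php
// Added example (not from the original post). Illustrates output escaping
// with htmlentities() and the register_globals pitfall. Parameter names
// "name", "password" and "authorized" are hypothetical.

// ---- 1. XSS: echoing input unescaped vs. through htmlentities() ----------

// Vulnerable: the raw query parameter lands in the HTML document, so a value
// like <script>alert(1)</script> is interpreted by the browser.
function greet_unsafe(string $name): string
{
    return "<p>Hello, $name</p>";
}

// Fixed: entity-encode the value for the HTML context it is inserted into.
// ENT_QUOTES encodes both quote styles, so the same helper is also safe
// inside a quoted attribute; naming the charset explicitly avoids the
// encoder mis-decoding multi-byte input.
function greet_safe(string $name): string
{
    return '<p>Hello, ' . htmlentities($name, ENT_QUOTES, 'UTF-8') . '</p>';
}

// ---- 2. register_globals: an uninitialised variable becomes attacker input

// register_globals turned every request parameter into a PHP variable before
// the script ran. The directive was removed in PHP 5.4, so extract() below
// reproduces the effect purely for this demonstration. Never do this in
// real code.
function check_authorization(array $request): array
{
    // Vulnerable pattern: $authorized is only assigned on the success path,
    // so a request carrying ?authorized=1 pre-seeds it and the check passes
    // without a password.
    extract($request);                                  // stand-in for register_globals
    if (isset($password) && $password === 'correct-horse') { // hypothetical check
        $authorized = true;
    }
    $vulnerableResult = !empty($authorized);

    // Fixed pattern: initialise every variable before use and read input only
    // from the request array / superglobals, so nothing the client sends can
    // overwrite script state. Also set register_globals = Off in php.ini on
    // PHP versions that still have it.
    $authorizedFixed = false;
    if (isset($request['password']) && $request['password'] === 'correct-horse') {
        $authorizedFixed = true;
    }

    return ['vulnerable' => $vulnerableResult, 'fixed' => $authorizedFixed];
}

// Constructed inputs for the demonstration.
$xssPayload = '<script>alert(1)</script>';
echo greet_unsafe($xssPayload), "\n";
echo greet_safe($xssPayload), "\n";

// No password supplied, only the pre-seeded flag.
$forgedRequest = ['authorized' => '1'];
var_dump(check_authorization($forgedRequest));
```

The first echo hands the script tag to the browser unchanged, while the second emits only entity-encoded text. In check_authorization() the extract() branch is fooled by the forged request because the variable that gates access was never initialised; the fixed branch starts from false and consults only the request array, so the same input is rejected.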

