FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Lilupophilupop
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Lilupophilupop [message #176456 is a reply to message #176441] Sat, 07 January 2012 17:27 Go to previous messageGo to previous message
Thomas Mlynarczyk is currently offline  Thomas Mlynarczyk
Messages: 131
Registered: September 2010
Karma:
Senior Member
Jerry Stuckle schrieb:

> Validating all input from the user is just good programming practice.

And properly (!) escaping output (this includes stuff that goes into SQL
queries). As I see it, these two simple measures should prevent 99% of
all security vulnerabilities. I'd be interested in learning about the
remaining 1% though.

> Nothing new here - it just shows there are a lot of programmers out
> there unconcerned with security.

Indeed. But I don't understand why this is so. After all, we're not
talking about the personal homepage of some newbie showing pictures of
his dog and favourite cookie recipes. The problem exists also (if not
especially) with real big professional sites, even sites where security
is paramount (online banking), run by people who should have more than
enough money to pay competent, security-aware programmers to do the job
properly. I just don't get it.

Of course, the worst about this new SQL injection attack is certainly
that ridiculous name "Lilupophilupop".

Greetings,
Thomas

--
Ce n'est pas parce qu'ils sont nombreux à avoir tort qu'ils ont raison!
(Coluche)
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Running function in the background?
Next Topic: Magic quotes? Should I still be cautious?
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Mon Nov 25 01:32:43 GMT 2024

Total time taken to generate the page: 0.04624 seconds