FUDforum: comp.lang.php » Sanitizing user input

Home » Imported messages » comp.lang.php » Sanitizing user input

Show: Today's Messages :: Polls :: Message Navigator

Re: Sanitizing user input [message #169884 is a reply to message #169878]

Wed, 29 September 2010 10:57

Jerry Stuckle
Messages: 2598
Registered: September 2010

Karma:

Senior Member

On 9/29/2010 4:01 AM, Web Dreamer wrote:
> Jerry Stuckle a écrit ce mercredi 29 septembre 2010 00:35 dans
> <i7trad$pm8$2(at)news(dot)eternal-september(dot)org> :
>
>> On 9/28/2010 12:24 PM, Michael Fesser wrote:
>>> Depends on whether several applications should be allowed to access and
>>> use the same session data or not. Usually I want my apps separated, even
>>> if they use the same code. So each one would get its own session name if
>>> necessary.
>
> Exactly, that's why each app should always have it's own session name and
> not use the default.
>
>> And how often do you have customers who want completely separate
>> applications on a site? I've never seen one who didn't want the new
>> code integrated into their existing site.
>
> We are talking about "web applications", not "web sites".
> Small companies can not afford more servers than employees to host web apps
> (not web sites) useful for their employees.
> See my other reply in this thread.
>

That is true. And even small companies want their site to provide one
consistent interface. What you have is a bunch of different
applications thrown together with no consistency between them. No
business which knows anything about the internet would want such on
their site. And only a code hacker would build such a site.

> Once you choose a session.name, you keep the same for the whole web app of
> course (otherwise everything would brake).
> What I mean is that for a "new app" you need a "new session.name" and you
> will keep this same session.name for the whole application of course.
>
> If you do not think of choosing a session.name for an application when you
> create it, and that you are asked to install this application on a server
> which already runs other applications (not sites), you risk clashes if they
> all use the same session.name.
>

And you still run that same risk because some other application may have
chosen the same name. If you must separate your information, you should
use some prefix for your session array keys.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================

Report message to a moderator

[Message index]

		Sanitizing user input By: MikeB on Fri, 24 September 2010 05:42
		Re: Sanitizing user input By: Helmut Chang on Fri, 24 September 2010 07:59
		Re: Sanitizing user input By: MikeB on Fri, 24 September 2010 15:24
		Re: Sanitizing user input By: Web Dreamer on Tue, 28 September 2010 10:11
		Re: Sanitizing user input By: Jerry Stuckle on Tue, 28 September 2010 11:21
		Re: Sanitizing user input By: Web Dreamer on Tue, 28 September 2010 13:14
		Re: Sanitizing user input By: Jerry Stuckle on Tue, 28 September 2010 15:14
		Re: Sanitizing user input By: Michael Fesser on Tue, 28 September 2010 16:24
		Re: Sanitizing user input By: Jerry Stuckle on Tue, 28 September 2010 22:35
		Re: Sanitizing user input By: Web Dreamer on Wed, 29 September 2010 08:01
		Re: Sanitizing user input By: Jerry Stuckle on Wed, 29 September 2010 10:57
		Re: Sanitizing user input By: Web Dreamer on Wed, 29 September 2010 13:47
		Re: Sanitizing user input By: Jerry Stuckle on Wed, 29 September 2010 16:21
		Re: Sanitizing user input By: Web Dreamer on Thu, 30 September 2010 07:44
		Re: Sanitizing user input By: Jerry Stuckle on Thu, 30 September 2010 12:32
		Re: Sanitizing user input By: Web Dreamer on Thu, 30 September 2010 12:51
		Re: Sanitizing user input By: Web Dreamer on Tue, 28 September 2010 16:37
		Re: Sanitizing user input By: Jerry Stuckle on Tue, 28 September 2010 22:34
		Re: Sanitizing user input By: Web Dreamer on Wed, 29 September 2010 07:54
		Re: Sanitizing user input By: Web Dreamer on Wed, 29 September 2010 08:02
		Re: Sanitizing user input By: Jerry Stuckle on Wed, 29 September 2010 11:01
		Re: Sanitizing user input By: Web Dreamer on Wed, 29 September 2010 13:15
		Re: Sanitizing user input By: Jerry Stuckle on Wed, 29 September 2010 16:22
		Re: Sanitizing user input By: Web Dreamer on Thu, 30 September 2010 07:47
		Re: Sanitizing user input By: Jerry Stuckle on Thu, 30 September 2010 12:35
		Re: Sanitizing user input By: Web Dreamer on Thu, 30 September 2010 12:57
		Re: Sanitizing user input By: alvaro.NOSPAMTHANX on Fri, 24 September 2010 08:15
		Re: Sanitizing user input By: MikeB on Fri, 24 September 2010 15:06
		Re: Sanitizing user input By: Michael Fesser on Fri, 24 September 2010 17:12

Previous Topic:	how to write a wsdl for php webservice?
Next Topic:	ANNOUNCE - NHI1 / PLMK / libmsgque - Work-Package-II

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Sat Nov 23 10:45:34 GMT 2024

Total time taken to generate the page: 0.04576 seconds