There are 0 videos waiting in queue!! You're not logged in! | Register | Login | Wallpapers | Forums | Blog | Who We Are | Upload

- 4 decades ago

PHP is inherently insecure
A lot of people do not believe that PHP (the web-based programming language) is inherently insecure. Yes it is!

I've had a conversation with a co-worker a while back in which he told me, "Oh, no. It is secure." Umm... No. It is not.

PHP trusts every input you pass through it. This includes global variables or URL parameters. It does not automatically escape code or even knows to check for escapes. It will allow you to display direct locations to files or resources on your site. These are dangerous and could lead to MySQL injections and worse. 

So, when someone tells you that PHP is secure by default, you'll know they have no idea what they're talking about.
Posted on 07/29/2013 08:05 am

Comments

Post Comment


Steve


Bash it upside the head!
 Trying to write a script here. I'm a bit conflicted. It's not operating the way I want:

#!/bin/bash
x=`du ./ -h --max-depth=1`

exec 3<&0
exec 0<"$x"

while read -r line
do
        #echo "[$line]"
        z=`echo "[$line]" | awk '{print $1}'`
        if [[ z < 1 ]]; then
                echo "$z is Smaller than 1"
        elif [[ z > 1 ]]; then
                echo "$z is Bigger than 1"
        fi
done

exec 0<&3


Essentially, I'm just trying to read each line created by the DU command and use the first value as a point of reference. I'm assuming the exec isn't used correct when trying to reset the stdin for the use of the "read -r line" portion of this while. In Bash, this is the only instruction I believe works when reading line by line. I'd rather use a FOR loop without using IFS, but I may not have a choice in the matter. What a pain! 
Posted on 07/29/2013 06:34 am

Comments

Post Comment


Steve


Click here to take Ultra Edge Radio with you on the go!

Hubris (Ehru Version) - Soul Calibur II
Download the song here

*/ ?>
Blog archive


September 2017
March 2017
January 2016
July 2015
March 2014
February 2014
August 2013
July 2013
June 2013
March 2013
November 2012
January 2012
December 2011
October 2011
July 2011
March 2011
December 2010
October 2010
June 2010
January 2010
October 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
August 2008
May 2008
April 2008
March 2008
February 2008
Affiliates
Anime OST.org
Become an affiliate!





About | FAQ | Help | Contact Us