We're running a PHP course this week, and as ever I went around the room on the first day checking with the delegates what their "hot points" were, noting them on a board to the side to ensure that all the points ARE covered.
Security and maintainabily came up. And came up strong. Duly noted on the board, and aspects were covered right from the start of the course. These are vital subjects and it's no good at all learning
just the mechanisms of PHP without being aware of these issues. You can write a dog's dinner in which all manner of traps could lurk, or you can produce a Picasso - and you should plan which from the very first paint stroke on the canvas!
So I'm delighted that my delegates are concerned about ... security, maintainability, fitness for purpose, usability, extensability. It tells me that they're on the
right PHP course, and it's a pleasure to have their early inputs.
(written 2007-01-25 07:59:41)
Associated topics are indexed under
H115 - Designing PHP-Based Solutions: Best Practice [2430] Not just a PHP program - a good web application - (2009-09-29)
[2221] Adding a newsfeed for your users to a multipage PHP application - (2009-06-06)
[2199] Improving the structure of your early PHP programs - (2009-05-25)
[1794] Refactoring - a PHP demo becomes a production page - (2008-09-12)
[1694] Defensive coding techniques in PHP? - (2008-07-02)
[1623] PHP Techniques - a workshop - (2008-04-26)
[1533] Short and sweet and sticky - PHP form input - (2008-02-06)
[1490] Software to record day to day events and keep an action list - (2007-12-31)
[1487] Efficient PHP applications - framework and example - (2007-12-28)
[1482] A story about benchmarking PHP - (2007-12-23)
[1391] Ordnance Survey Grid Reference to Latitude / Longitude - (2007-10-14)
[1390] Converting from postal address to latitude / longitude - (2007-10-13)
[1389] Controlling and labelling Google maps via PHP - (2007-10-13)
[1381] Using a MySQL database to control mod_rewrite via PHP - (2007-10-06)
[1323] Easy handling of errors in PHP - (2007-08-27)
[1321] Resetting session based tests in PHP - (2007-08-26)
[1194] Drawing hands on a clock face - PHP - (2007-05-19)
[1182] Painting a masterpiece in PHP - (2007-05-10)
[1181] Good Programming practise - where to initialise variables - (2007-05-09)
[1166] Back button - ensuring order are not submitted twice (PHP) - (2007-04-28)
[1047] Maintainable code - some positive advice - (2007-01-21)
[945] Code quality counts - (2006-11-26)
[936] Global, Superglobal, Session variables - scope and persistance in PHP - (2006-11-21)
[896] PHP - good coding practise and sticky radio buttons - (2006-10-17)
[839] Reporting on the 10 largest files or 10 top scores - (2006-08-20)
[572] Giving the researcher power over database analysis - (2006-01-22)
[563] Merging pictures using PHP and GD - (2006-01-13)
[426] Robust checking of data entered by users - (2005-08-27)
[394] A year on - should we offer certified PHP courses - (2005-07-28)
[340] Code and code maintainance efficiency - (2005-06-08)
[261] Putting a form online - (2005-03-29)
[237] Crossfertilisation, PHP to Python - (2005-03-06)
[123] Short underground journeys and a PHP book - (2004-11-19)
H117 - Security in PHP [2025] Injection Attack if register_globals in on - PHP - (2009-02-04)
[1779] Injection Attacks - avoiding them in your PHP - (2008-08-31)
[1747] Who is watching you? - (2008-08-10)
[1679] PHP - Sanitised application principles for security and useability - (2008-06-16)
[1542] Are nasty programs looking for security holes on your server? - (2008-02-17)
[1396] Using PHP to upload images / Store on MySQL database - security questions - (2007-10-19)
[1387] Error logging to file not browser in PHP - (2007-10-11)
[1086] Injection attacks - safeguard your PHP scripts - (2007-02-20)
[947] What is an SQL injection attack? - (2006-11-27)
[920] A lion in a cage - PHP - (2006-11-10)
[345] Spotting a denial of service attack - (2005-06-12)
Some other Articles
Another frantic posting!Above the foldUK legal requirements for your commercial web siteSorting people by name in PHPLearning to write secure, maintainable PHPToo busy to blog it - but it's great (mostly)The HTML++ MetalanguageJava 6, Apache Tomcat 6.Getting rid of people - hotel techniques