Training, Open Source Programming Languages

Search for:
Print friendly page
Home Accessibility Courses Twitter The Mouth Facebook Resources Site Map About Us Contact
A lion in a cage - PHP

A lion in a cage shouldn't be a danger - but release the lion from the cage and you could be at risk.

An include file that's pulled in by a PHP script shouldn't be a danger if it's used only from within that PHP script, but if it has its own URL the it could be released like the lion, and it could be a danger. If you're writing a PHP script that requires or includes files, please put the included files in a directory that's NOT got its own URL .... you can do it by giving a path to the file in the include or require statements, or by using the preconfigured directory that's set up on your PHP installation.


Image from Hone's Everyday Book
(written 2006-11-10, updated 2006-11-12)

 
Associated topics are indexed as below, or enter http://melksh.am/nnnn for individual articles
H117 - Security in PHP
  [3813] Injection Attacks - PHP, SQL, HTML, Javascript - and how to neutralise them - (2012-07-22)
  [3747] An easy way to comply with the new cookie law if your site is well designed - (2012-06-02)
  [3698] How to stop forms on other sites submitting to your scripts - (2012-04-15)
  [3210] Catchable fatal error in PHP ... How to catch, and alternative solutions such as JSON - (2011-03-22)
  [2939] Protecting your images from use out of context - (2010-08-29)
  [2688] Security considerations in programming - what do we teach? - (2010-03-22)
  [2628] An example of an injection attack using Javascript - (2010-02-08)
  [2025] Injection Attack if register_globals in on - PHP - (2009-02-04)
  [1779] Injection Attacks - avoiding them in your PHP - (2008-08-31)
  [1747] Who is watching you? - (2008-08-10)
  [1694] Defensive coding techniques in PHP? - (2008-07-02)
  [1679] PHP - Sanitised application principles for security and useability - (2008-06-16)
  [1542] Are nasty programs looking for security holes on your server? - (2008-02-17)
  [1482] A story about benchmarking PHP - (2007-12-23)
  [1396] Using PHP to upload images / Store on MySQL database - security questions - (2007-10-19)
  [1387] Error logging to file not browser in PHP - (2007-10-11)
  [1323] Easy handling of errors in PHP - (2007-08-27)
  [1086] Injection attacks - safeguard your PHP scripts - (2007-02-20)
  [1052] Learning to write secure, maintainable PHP - (2007-01-25)
  [947] What is an SQL injection attack? - (2006-11-27)
  [426] Robust checking of data entered by users - (2005-08-27)
  [345] Spotting a denial of service attack - (2005-06-12)


Back to
Freedom for X is denial of privacy for Y
 Previous and next
or
Horse's mouth home		 Forward to
French Exchange
Some other Articles
The LAMP Cookbook - Linux, Apache, MySQL, PHP / Perl
Why shouldn't I spam?
Staying at your own hotel
French Exchange
A lion in a cage - PHP
Freedom for X is denial of privacy for Y
Databases needn't be frightening, hard or expensive
Syntax checking in PHP
Driving customers away
Paging through hundreds of entries
4435 posts, page by page
Link to page ... 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89 at 50 posts per page


This is a page archived from The Horse's Mouth at http://www.wellho.net/horse/ - the diary and writings of Graham Ellis. Every attempt was made to provide current information at the time the page was written, but things do move forward in our business - new software releases, price changes, new techniques. Please check back via our main site for current courses, prices, versions, etc - any mention of a price in "The Horse's Mouth" cannot be taken as an offer to supply at that price.

Link to Ezine home page (for reading).
Link to Blogging home page (to add comments).
You can Add a comment or ranking to this page
Public Training Courses
Running regularly at our UK training Centre.
[Schedule] - [About] - [Book]

Like this? ??

Related short articles
Adding a PHP build option, rotating an image based on camera data, and a new look at thumbnails in PHP
What FGW passengers want to talk about / and PHP programming to find out
Object factories in C++, Python, PHP and Perl
PHP - some quick fixes if scripts have issues, and how to use our support
PHP training - refreshed modern course, backed up by years of practical experience
Python, PHP, Ruby, C, Lua, etc ... course prices held for the rest of 2014
Disambiguation - PHP List
Endorsed Perl, Python and PHP training - Tcl, Lua, Ruby and C too!
Public courses - Python, PHP, Perl, Ruby, Lua, Tcl, C and C++ - autumn 2013 and through 2014
How do I post automatically from a PHP script to my Twitter account?
We not only teach PHP and Python - we teach good PHP and Python Practice!
Teaching CodeIgniter - MVC and PHP
Further recent PHP examples
A comment on comments in PHP
Learning about Object Orientation in PHP - a new set of examples
Splitting the difference with PHP
Setting up strings in PHP
Passing variable between PHP pages - hidden fields, cookies and sessions
Arrays in PHP - contain different and even mixed data types
MVC and Frameworks - a lesson from first principles in PHP
CodeIgniter - an excellent PHP framework with an easy start point
Curl and curling from PHP
stdClass in PHP - using an object rather than an associative array
The PHP course this week is in... Salford
A couple of new fast-start PHP examples
Our examples work with any recent version of PHP
Testing code coverage (have I tested everything?) in PHP
Testing classes for your PHP website with PHPUnit
Zend / layout of MVC and other files in an example application (PHP)
Building up from a small PHP setup to an enterprise one
Objects in PHP - Revision
PHP revision ... by example.
Moving from a warning system to a control system - PHP, forum spammers
Filtering PHP form inputs - three ways, but which should you use?
Multiple page web applications - maintaining state - PHP
PHP variables - dynamically typed. What does that mean?
How does PHP work?
Copying, duplicating, cloning an object in PHP
Autoload in PHP
Geekmas 2012 - celebrating open source languages such as Perl, PHP and Python
Know Python or PHP? Want to learn Perl too?
PHP sessions - a best practice teaching example
Fpdf - generating .pdf documents easily from your PHP program
More than just matching with a regular expression in PHP
Refresh and Revision training class days - Perl / PHP / Python / Lua / Ruby / Tcl / C / C++
Easy session example in PHP - keeping each customers data apart
Separating program and artwork in PHP - easier maintainance, and better for the user
Learning to program in PHP - Regular Expression and Associative Array examples
December courses - PHP, Python, Perl - and a weekend Lua course
Regular Expression modifiers in PHP - summary table
PHP - moving from ereg to preg for regular expressions
On this day ... one PHP script with three uses
MySQL, MySQLi, PDO or something else - how best to talk to databases from PHP
Your PHP website - how to factor and refactor to reduce growing pains
Divide 10000 by 17. Do you get 588.235294117647, 588.24 or 588? - Ruby and PHP
Do I need to initialise variables - programming in C, C++, Perl, PHP, Python, Ruby or Java.
Computer Graphics in PHP - World (incoming data) to Pixel (screen) conversion
Open Source (Public) courses - PHP, Tcl, SQL, Python, C and C++ in Melksham, Wiltshire, UK
Extra courses - Advanced PHP, MySQL and Lua
Perl, Python, PHP, Lua, Linux, and more - and business hotel too. Menu for 2011
Setting your user_agent in PHP - telling back servers who you are
Sending out an email containing HTML from within a PHP page
PHP data sources - other web servers, large data flows, and the client (browser)
Learning to Program ... in PHP. Course examples.
Handling (expanding) tabs in PHP
Increment operators for counting - Perl, PHP, C and others
Getting the OO design write - with PHP a example
Upload Image, Store in database, redisplay in browser. PHP and MySQL
LAMP - Linux, Apache, MySQL, PHP - install, configure, administer
PHP - Object Oriented Design in use
Dynamically watching your web site via a PHP wrapper
What is all this SESSION stuff about? (PHP)
Improving your function calls (APIs) - General and PHP
Uploading an image, document or pdf via a browser (php)
Exception handling in PHP
Adding extensions to PHP Open Source applications - callbacks
Static class members in PHP - a documented example
How to build a test harness into your PHP
Improve your PHP on a weekend away
Compile but do not run PHP - syntax check only
© WELL HOUSE CONSULTANTS LTD., 2015: Well House Manor • 48 Spa Road • Melksham, Wiltshire • United Kingdom • SN12 7NY
PH: 01144 1225 708225 • FAX: 01144 1225 899360 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho

PAGE: http://www.wellho.net/mouth/920_A-li ... e-PHP.html • PAGE BUILT: Thu Sep 18 15:30:25 2014 • BUILD SYSTEM: WomanWithCat