|
Training, Open Source Computer Languages |
| Home | Accessibility | Courses | Diary | The Mouth | Forum | Resources | Site Map | About Us | Contact |
|
A lion in a cage - PHP  A lion in a cage shouldn't be a danger - but release the lion from the cage and you could be at risk.An include file that's pulled in by a PHP script shouldn't be a danger if it's used only from within that PHP script, but if it has its own URL the it could be released like the lion, and it could be a danger. If you're writing a PHP script that requires or includes files, please put the included files in a directory that's NOT got its own URL .... you can do it by giving a path to the file in the include or require statements, or by using the preconfigured directory that's set up on your PHP installation. Image from Hone's Everyday Book (written 2006-11-10, updated 2006-11-12) Associated topics are indexed under H117 - Security in PHP[3813] Injection Attacks - PHP, SQL, HTML, Javascript - and how to neutralise them - (2012-07-22) [3747] An easy way to comply with the new cookie law if your site is well designed - (2012-06-02) [3698] How to stop forms on other sites submitting to your scripts - (2012-04-15) [3210] Catchable fatal error in PHP ... How to catch, and alternative solutions such as JSON - (2011-03-22) [2939] Protecting your images from use out of context - (2010-08-29) [2688] Security considerations in programming - what do we teach? - (2010-03-22) [2628] An example of an injection attack using Javascript - (2010-02-08) [2025] Injection Attack if register_globals in on - PHP - (2009-02-04) [1779] Injection Attacks - avoiding them in your PHP - (2008-08-31) [1747] Who is watching you? - (2008-08-10) [1694] Defensive coding techniques in PHP? - (2008-07-02) [1679] PHP - Sanitised application principles for security and useability - (2008-06-16) [1542] Are nasty programs looking for security holes on your server? - (2008-02-17) [1482] A story about benchmarking PHP - (2007-12-23) [1396] Using PHP to upload images / Store on MySQL database - security questions - (2007-10-19) [1387] Error logging to file not browser in PHP - (2007-10-11) [1323] Easy handling of errors in PHP - (2007-08-27) [1086] Injection attacks - safeguard your PHP scripts - (2007-02-20) [1052] Learning to write secure, maintainable PHP - (2007-01-25) [947] What is an SQL injection attack? - (2006-11-27) [426] Robust checking of data entered by users - (2005-08-27) [345] Spotting a denial of service attack - (2005-06-12) 5272
Some other Articles
The LAMP Cookbook - Linux, Apache, MySQL, PHP / PerlWhy shouldn't I spam? Staying at your own hotel French Exchange A lion in a cage - PHP Freedom for X is denial of privacy for Y Databases needn't be frightening, hard or expensive Syntax checking in PHP Driving customers away Paging through hundreds of entries |
4090 posts, page by page
Link to page ... 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82 at 50 posts per pageThis is a page archived from The Horse's Mouth at http://www.wellho.net/horse/ - the diary and writings of Graham Ellis. Every attempt was made to provide current information at the time the page was written, but things do move forward in our business - new software releases, price changes, new techniques. Please check back via our main site for current courses, prices, versions, etc - any mention of a price in "The Horse's Mouth" cannot be taken as an offer to supply at that price.
Link to Ezine home page (for reading).
Link to Blogging home page (to add comments).
PH: 01144 1225 708225 • FAX: 01144 1225 899360 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho
PAGE: http://www.wellho.net/mouth/920_A-li ... e-PHP.html • PAGE BUILT: Sat Feb 23 12:39:13 2013 • BUILD SYSTEM: wizard