Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: [News] The Web is "Broken", But PHP Can Save It

On Thu, 14 Sep 2006 17:05:06 +0100
Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> wrote:

> Is PHP The Cure For The 'Broken' Web?  
> 
> ,----[ Quote ]
> | "The Web is broken and it's all your fault."
> | 
> | Those are the words that Rasmus Lerdorf, the creator of PHP, said to
> kick | off his keynote at the php|works conference under way here. 
> | 
> | [...]
> | 
> | Then there is Microsoft's Internet Explorer, which has "stupidity"
> | issues with character set detection, arbitrary header injection,
> host | header spoofing and request splitting.
> | 
> | "IE is completely broken in so many ways," Lerdorf said.
> | 
> | With some PHP commonsense, a few of the reasons why IE is broken can
> | be overcome. 
> `----
> 
> http://www.internetnews.com/dev-news/article.php/3631831

PHP is such a useful tool for developing pages with.

most of the time my choice is between perl python or php.

The part about checking input is so relevent to these languages. Using
JSP or c# often one has to create a matcher object, which just creates
bookkeeping overheads.

With perl, its as simple as if( $v =~ /^[0-9a-zA-Z]+$/ ) for most cases,
similarly for php:

if( preg_match( '/^[0-9a-zA-Z]+$/', $v ) ) ...

Much less work, why people don't check EVERYTHING is beyond me.

Those who do, often forget to RECHECK values retrieved from a database,
for example, inserting something which just came from a database without
thinking to escape it again can be disastrous, no matter what the
language.

-- 
Regards, Ed                      :: http://www.gnunix.net
just another unix person
Every link of gold around Mr. T's neck represents 7 fools that that 
he pitied, and then ate. 

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index