The Fundamental Errors on newbies programmers...

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
Gurzi
Forum Commoner
Posts: 27
Joined: Wed Aug 02, 2006 4:04 pm

The Fundamental Errors on newbies programmers...

Post by Gurzi »

Hy people... I'm From Portugal, and i'm loving this Forum...

Have great guides and knowledgment...

My doubt is.....

Anyone know if exists one Guide talking about the normal errors done by the users that are starting programming?

The context i want is security, i never thought on security, so, i might had some errors that can be a an easy road to who wants to destroy some sites.

ps : sorry my bad english , i'm trying to improve him :P


:D
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

#1 Rule for me: DO NOT TRUST ANY USER INPUT
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Rule #2: Use the built in security features of PHP intelligently (register_globals = Off, display_errors = Off, etc).
Gurzi
Forum Commoner
Posts: 27
Joined: Wed Aug 02, 2006 4:04 pm

Post by Gurzi »

i knew the first 1 , the register globals, but the second one i didn't know... but it make all sense, if the errors are displayed, it's more easy to everyone change the data :)

i'm really enjoying this forum :)

congrulations for all :)

now, i'm a usual user :)

:D

ps : i had the display_errors on , but that errors are displayed on the page ? or exists other way to see the errors ?
Last edited by Gurzi on Wed Aug 02, 2006 5:02 pm, edited 1 time in total.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

there was a thread around here a while ago on bad practices.

viewtopic.php?t=19006
Gurzi
Forum Commoner
Posts: 27
Joined: Wed Aug 02, 2006 4:04 pm

Post by Gurzi »

feyd wrote:there was a thread around here a while ago on bad practices.

viewtopic.php?t=19006
thnks :D
User avatar
shiflett
Forum Contributor
Posts: 124
Joined: Sun Feb 06, 2005 11:22 am

Re: The Fundamental Errors on newbies programmers...

Post by shiflett »

Gurzi wrote:Anyone know if exists one Guide talking about the normal errors done by the users that are starting programming?
You might find the PHP Security Guide helpful:

http://phpsec.org/projects/guide/

It's also available in a few other languages. What's your native language?
Post Reply