have you tried googling on +"application framework" +php.. that seems like what you're looking for and several of these projects are "commercial-grade" and open source.

i use dbasis as my application framework and highly recommend it -- it's a component of the syntaxCMS project. i have also used blueshoes and mambo before on other sites

here's an o'reilly article to get you started

http://www.oreillynet.com/pub/wlg/6029

- schnippy

On 9/21/05, bruce <bedouglas@xxxxxxxxxxxxx> wrote:
>
> i would have thought (perhaps wrongly) that someone would have created a
> series of functions/routines and wrapped them in a package/lib to deal with
> the security issues that i've raised!!
>
> but i have to tell you. i've looked at some open source classes/apps that
> aren't that strong. in fact, some simply have no real checks on the data
> types/structure of the data being inserted into the db at all...
>
> and aaron, your app is a commercial app. for now, we're looking in the open
> source area where we can get to the underlying source.
>
> -bruce
>
>
> -----Original Message-----
> From: Aaron Greenspan [mailto:aarong@xxxxxxxxxxxxxxxxx]
> Sent: Wednesday, September 21, 2005 7:18 AM
> To: php-general@xxxxxxxxxxxxx
> Subject: Re: security/sql issues with php
>
>
> Bruce,
>
> If you're looking for commercial-grade open-source packages, I think
> you're going to have a pretty hard time finding much. Most
> commercial-grade software is...commercial. The truly robust open-source
> packages, i.e. Mozilla, MySQL, JBoss, BerkeleyDB, etc., are backed by
> some sort of commercial, or at the very least, corporate, entity. The
> rest, more often than not, are not commercial-grade; the support
> structures that companies require just don't exist for those packages.
>
> I've offered to help you before via our commercial framework, Lampshade,
> which handles I'd say 98% of everything you want, and can be easily
> customized or added to in order to handle the remaining 2%. It's not
> open-source, but it also doesn't need to be since the documentation is
> so extensive. It's used in applications for all sorts of organizations
> from Harvard University to companies traded on the NYSE. There may be
> other open frameworks that are used just as widely--I would venture to
> guess phpNuke and the-CMS-formerly-known-as-Mambo--but as you've
> discovered, they don't do half of the things you'd like to see all in
> one place. Also, Mambo's political machinations are a good example of
> what you don't want to see in a commercial-grade product.
>
> If you want to keep searching, I suppose no one's going to stop you. I'm
> just afraid it's not out there. Anyone, correct me if I'm wrong.
>
> Best of luck,
>
> Aaron
>
> Aaron Greenspan
> President & CEO
> Think Computer Corporation
>
> http://www.thinkcomputer.com
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php