Jason Gerfen wrote:
I have a question which as of yet I am unable to find any information
about from googling. Lets say you have just written a fairly robust
PHP/MySQL application and would like to put it on your production server.
For reasons of clarification lets say this application handles sensitive
customer data including credit infromation, so it is imperitive that the
data remain secure and during the development process at every turn you
went through great lengths to filter data on forms, URL's file uploads etc.
Is there any product available, commercial or free which performs source
code auditing which *specificly searches PHP code for SQL, XSS type of
attacks or vulnerabilities? TIA.
Product, I don't know. But talk to Chris Shiflett on this list. I
*think* his company performs this service.
http://shiflett.org/
--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
jnichel@xxxxxxxxxxxxxxxxxxxxxxxxxxx
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
