Jay Blanchard wrote:
[snip]
In the spirit of improving the mailing list, I'd like to suggest that we, as a group, attempt to not provide answers with Bad Practices, or at least always to point out that the Sample is Bad Practice for production sites?

For example, an answer to a question about <?php echo $foo?> where it is clear that register_globals is "off" should either specifically sanitize the data, or make reference to the need to sanitize the data, or link to http://phpsec.org or something along those lines.

Otherwise, we merely perpetuate the problems of Bad Code with our answers to newbies, who then run off and write insecure sites and cause us more grief down the road.

Hmmm. Maybe this should be part of a Netiquette document "How to give good answers" right next to that "How to ask good questions" document :-^
[/snip]

I vote for that. I need to find that doc...curt z had it on a site

here is the link for the improved newbie doc - http://zirzow.dyndns.org/php-general/NEWBIE

--
life is a game... so have fun.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php