Re: Good Answers

Richard Lynch wrote:
Hey y'all...

In the spirit of improving the mailing list, I'd like to suggest that
we, as a group, attempt to not provide answers with Bad Practices, or
at least always to point out that the Sample is Bad Practice for
production sites?

For example, an answer to a question about <?php echo $foo?> where it
is clear that register_globals is "off" should either specifically
sanitize the data, or make reference to the need to sanitize the data,
or link to http://phpsec.org or something along those lines.

Otherwise, we merely perpetuate the problems of Bad Code with our
answers to newbies, who then run off and write insecure sites and
cause us more grief down the road.

Hmmm.  Maybe this should be part of a Netiquette document "How to give
good answers" right next to that "How to ask good questions" document
:-^

Might I make a suggestion for an addition to the newbie email - in the "where to find more information" section - add a link either to the manual security section or phpsec.org.

--

life is a game... so have fun.
