RE: Policy on Web Applications

To: debian-webapps@lists.debian.org
Cc: <debian-webapps@lists.debian.org>
Subject: RE: Policy on Web Applications
From: "David Johnson" <djohnson@jsatech.com>
Date: Fri, 3 Mar 2006 11:07:41 -0600
Message-id: <[🔎] 005f01c63ee5$0d68e950$1e02a8c0@crm.local>
In-reply-to: <[🔎] 1141398698.3079.69.camel@darwin.os9.nl>

When we developed our application we did not know that in PHP it was
possible to turn off register_globals.  It was obvious to us that while
advantageous for quick development, globals were a big security issue, so we
designed our entire app using classes, and explicity stating where we want
to use globals and verifying them accordingly.   

We could re-code to not use globals, but we're focusing our recoding in
other technologies instead of PHP.  
 
I did not know we could turn on PHP global in an Apache virtual host
directive. This is great for this version of the package.  Thanks for the
feedback.

Reply to:

References:
- RE: Policy on Web Applications
  - From: Thijs Kinkhorst <kink@squirrelmail.org>

Prev by Date: Re: What about our webapp policy draft?
Next by Date: [webapps] Request for review
Previous by thread: RE: Policy on Web Applications
Next by thread: Re: Policy on Web Applications
Index(es):
- Date
- Thread