Keith Casey's Blog:
The First Rule for Software Development
May 05, 2009 @ 10:25:25

Keith Casey has a suggestion for budding (PHP) developers out there looking to jump head first into their first project: "Don't trust the users."

Recently I taught a class of bright-eyed, bushy-tailed PHP'ers just getting their start in the world. They haven't done their first production application and we were working in the "safe" confines of a classroom, but there was one concept that I pounded into their heads: Don't Trust the Users.

Generally, as Keith mentions, users aren't malicious, incompetent or ignorant 99 percent of the time, but there's always the off chance that they are, so you need to protect yourself and your application by filtering input and escaping all output to prevent any mishaps.

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework