Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Marco Tabini's Blog:
Security Is As Security Does
Jan 24, 2006 @ 12:39:52

With a follow-up to Chris Shiflett's post on the "insecurity of PHP", Marco Tabini has voiced his opinion over on his blog as well.

Via Chris' blog, I came across this posting that discusses the perceived lack of security in PHP. Others have already made excellent points in response to the author's claims—which, basically, boil down to the fact that he seems to confuse security with a limitation in functionality.

What? Is he serious? Well, yes—and for one simple reason: security means different things to different people. The level of input filtering that may be needed for my software does not necessarily fit the requirements of other people's needs. The goal of the language is to remain as simple, powerful and efficient as possible. It is then up to the developer to determine the level of additional functionality that he requires and implement it—and that includes security.

He goes on mentioning things like the Zend Framework and eZ Systems - all development platforms that are working to provide a secure environment for any developer to work in. Of course, not all developers need that much "protection" in their code, and are happy to work within something a bit more lean (he gives an example of Rasmus)...

tagged: security framework what you need zend ez systems security framework what you need zend ez systems


Trending Topics: