News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Ed Finkler's Blog:
The Zend Framework and Its Influence on Secure PHP Development
March 16, 2007 @ 08:28:43

Ed Finkler has an interesting new post on his blog today that looks at what kind of influence the Zend Framework has had on the PHP community's outlook on secure web development.

I posted this rather lengthy argument in the Zend fw-core mailing list after I learned that the Zend_Filter_Input component had been dropped from the Zend Framework. I have used this component extensively in various projects, and had written up a contribution to the Zend DevZone that described using a bootstrap script to block direct access by your developers to the superglobal user input arrays ($_GET, $_POST, $_COOKIE, etc).

He includes the post and talks about things like the good side of PHP's popularity and the bad side (like developers that cannot write secure applications). He targets the Zend Framework as one tool that has made it slightly harder to write secure applications (as of the move from 0.7 to 0.8 because of small things like having to create a filter object to do any filtering).

The key to his complaint is the removal of the Zend_Filter_Input component which, from his perspective, made things easier to secure and made for simpler and cleaner code.

0 comments voice your opinion now!
secure development zendframework future zendfilterinput secure development zendframework future zendfilterinput


blog comments powered by Disqus

Similar Posts

Dave Dash's Blog: symfony + mod_rewrite: moving smoothly from development to production environments

Till Klampaeckel's Blog: Zend Framework: Writing an IN-Clause with Zend_Db

MaltBlue.com: How To Build an Extendible Zend Framework Application

Jacob Santos' Blog: Why SDO Doesn't Take Off

Juozas Kaziukenas' Blog: Scraping login requiring websites with cURL


Community Events





Don't see your event here?
Let us know!


framework tips developer deployment symfony release bugfix introduction interview zendserver series podcast language library api laravel community opinion conference threedevsandamaybe

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework