UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
August
Su M Tu W Th F Sa
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
Sponsored Links
Latest Postings
Latest Reviews
Topic Options
Rate This Topic
#18675 - 09/24/05 12:54 AM PHP 5.0 to a beginner
Testing Offline
UGN Member

Registered: 09/21/05
Posts: 102
Loc: Sacramento, CA
Ok, so I guess php 5 has the register_variables set to off.

Do you think it would be best to learn php with the rules set the way they are now or would it be best to turn the register_variables to on.

I am looking at it from the point of a beginner learning the language not necessarily from a security position.

For now I have changed the .ini file and have them back on. However Im curious on what your opinion is on the best way to learn.
_________________________
Flipping houses in Sacramento market has been fantastic. Curious about what it takes to flip houses? Follow me at http://sacramentoflips.com.

Top
Sponsored Links
      
#18676 - 09/24/05 01:10 AM Re: PHP 5.0 to a beginner
§intå× Offline


*****

Registered: 12/03/02
Posts: 3255
Loc: Maryland
The developers a PHP.net suggest for security to get register globals OFF. However Every Hoster and script I have seen have register globals set to on, or require they be on.

I guess the answer to your question is this. It is good practice to design with register globals off. But in the production world it seems the pratice is to design as if they were on.

It is often harder to design with them off as you need to be a bit more creative. I have them on on the server, but try to design as if they were off. Usally fail at this
_________________________
My New site OpenEyes

Top
#18677 - 09/24/05 01:28 AM Re: PHP 5.0 to a beginner
Testing Offline
UGN Member

Registered: 09/21/05
Posts: 102
Loc: Sacramento, CA
Thats kind of what I was thinking. Learn with em on so I can learn this language without making it too friggin difficult on myself. Then when designing be security conscience.

Thanks for your input and info regarding hosts.

Since Im self hosting for now I get to choose! lol
_________________________
Flipping houses in Sacramento market has been fantastic. Curious about what it takes to flip houses? Follow me at http://sacramentoflips.com.

Top
#18678 - 09/24/05 02:13 AM Re: PHP 5.0 to a beginner
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
I prefer designing for php4, ensures more compatability if you choose to move or sell scripts.
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#18679 - 09/24/05 03:33 AM Re: PHP 5.0 to a beginner
§intå× Offline


*****

Registered: 12/03/02
Posts: 3255
Loc: Maryland
Ture!!! If you are developing for sales, bleeding edge is bad. you want 2 or 3 versions back I would say.
_________________________
My New site OpenEyes

Top
#18680 - 09/24/05 04:18 AM Re: PHP 5.0 to a beginner
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
Quote:
Originally posted by int:
Ture!!! If you are developing for sales, bleeding edge is bad. you want 2 or 3 versions back I would say.
Word of advice; always program for sales ...
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#18681 - 09/24/05 04:48 AM Re: PHP 5.0 to a beginner
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
Since little rusty over there decided to post some of his favorite functions I went and built my own, as you can see most of my fav's deal with the file system vs much else...

file_exists:
http://us2.php.net/manual/en/function.file-exists.php

file:
http://us2.php.net/manual/en/function.file.php

fopen/fclose:
http://us2.php.net/fopen
http://us2.php.net/manual/en/function.fclose.php

fsockopen:
http://us2.php.net/manual/en/function.fsockopen.php

other disk/file functions:
http://us2.php.net/manual/en/function.disk-free-space.php
http://us2.php.net/manual/en/function.disk-total-space.php
http://us2.php.net/manual/en/function.chmod.php
http://us2.php.net/manual/en/function.copy.php
http://us2.php.net/manual/en/function.delete.php
http://us2.php.net/manual/en/function.filesize.php
http://us2.php.net/manual/en/function.filetype.php
http://us2.php.net/manual/en/function.flock.php
http://us2.php.net/manual/en/function.is-writable.php
http://us2.php.net/manual/en/function.touch.php

As you can see none of the "persistant" options are in my favorite, the reason is because persistant connections can be dirty and if not used properly can tear a server to its knees; working for a webhost for 3 years I've seen this with numerous scripts.
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#18682 - 09/24/05 06:03 PM Re: PHP 5.0 to a beginner
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
BTW, if you're going to go off playing with MySQL you should also look into:
http://us2.php.net/manual/en/function.str-replace.php
http://us2.php.net/manual/en/function.stripslashes.php
http://us2.php.net/manual/en/function.strip-tags.php

so you don't go and get yourself owned...
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#18683 - 09/25/05 03:02 AM Re: PHP 5.0 to a beginner
Testing Offline
UGN Member

Registered: 09/21/05
Posts: 102
Loc: Sacramento, CA
Thanks Gizmo!

I will be developing for sales. However first I have plenty of developing for practice, mistakes, and learning to not "get owned"! Again thanks for the links as I can guarantee I will be previewing all of them.

Fortunately I have taken a database design class using oracle. So when it comes to the database I will be ok with normalization (about the only real info I remember from the class). LOL


I figure over the next week or so I will just be doing the examples from the books Im reading (PHP AND MYSQL FOR DYNAMIC WEB SITES written by Larry Ullman . Learning PHP 5 written by David Sklar ,, an Oreilly book.

I wonder how its going to be learning PHP from 2 books that cover different versions. lol
Might be a tad quirky sometimes but whatever,, ill get through it.

Thanks again everyone.
_________________________
Flipping houses in Sacramento market has been fantastic. Curious about what it takes to flip houses? Follow me at http://sacramentoflips.com.

Top
#18684 - 09/25/05 03:41 AM Re: PHP 5.0 to a beginner
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
Well, if you're going to, eventually, design for sales; you should look into MySQL as your DB of choice as it's going to be what 99% of your users would use ...

See PM btw...
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#18685 - 09/28/05 04:00 PM Re: PHP 5.0 to a beginner
§intå× Offline


*****

Registered: 12/03/02
Posts: 3255
Loc: Maryland
If you are going into my SQL get very used to reading the manual on thier site.
http://dev.mysql.com/doc/mysql/en/tutorial.html


Also see thier forums
http://forums.mysql.com/

for thier PHP forum
http://forums.mysql.com/list.php?52


Most MySQL you can just see the info on PHP.net and run with it. Some tricky stuff you will need to look at thier manual and play with the PHP code to get it to work.


PHP.net MySQL functions
http://us2.php.net/manual/en/ref.mysql.php
_________________________
My New site OpenEyes

Top

Moderator:  §intå×, Gremelin 
Featured Member
Registered: 08/21/13
Posts: 1
Forum Stats
2146 Members
46 Forums
33872 Topics
69039 Posts

Max Online: 1567 @ 04/25/10 10:20 AM
Top Posters
UGN Security 27035
Gremelin 7192
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
Devo60, ali, lavos, Zanvin Green, Daktologist
2145 Registered Users
Who's Online
0 registered (), 336 Guests and 336 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!