#18675 - 09/23/05 11:54 PM PHP 5.0 to a beginner
Joined: Sep 2005
Posts: 102
Testing Offline
UGN Member
Sacramento, CA
Ok, so I guess PHP 5 has the register_variables set to off.

Do you think it would be best to learn PHP with the rules set the way they are now, or would it be best to turn the register_variables to on?

I am looking at it from the point of a beginner learning the language, not necessarily from a security position.

For now I have changed the .ini file and have them back on. However, I'm curious on what your opinion is on the best way to learn.


Flipping houses in Sacramento market has been fantastic. Curious about what it takes to flip houses? Follow me at http://sacramentoflips.com.
#18676 - 09/24/05 12:10 AM Re: PHP 5.0 to a beginner
Joined: Dec 2002
Posts: 3,255
§intå× Offline
Maryland
The developers at PHP.net suggest for security to get register globals OFF. However, every hoster and script I have seen have register globals set to on, or require they be on.

I guess the answer to your question is this. It is good practice to design with register globals off. But in the production world it seems the practice is to design as if they were on.

It is often harder to design with them off as you need to be a bit more creative. I have them on on the server, but try to design as if they were off. Usually fail at this.


My New site OpenEyes
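An added example, not written by any poster in this thread, of what designing "as if register globals were off" changes in a script. The function names, the toy admin check and the request array are hypothetical; because the setting was removed in PHP 5.4, extract() stands in for it.

```php
<?php
// Added illustration; function names and the request array are hypothetical.
// register_globals was removed in PHP 5.4, so extract() is used here to
// emulate what the setting did: turn every request parameter into a variable.

// Constructed request, as if the URL were page.php?user=guest&authorized=1
$request = ['user' => 'guest', 'authorized' => '1'];

// Style that relies on register globals being on: request data simply
// appears as variables, and $authorized is never given a starting value.
function is_authorized_globals_on(array $request): bool
{
    extract($request);                 // emulates register_globals = On
    if (isset($user) && $user === 'admin') {
        $authorized = true;
    }
    // For any other user, $authorized holds whatever the request supplied.
    return !empty($authorized);
}

// Style that works with register globals off: every variable is initialised
// by the script, and request data is read only from the request array
// ($_GET / $_POST in a real page), one named key at a time.
function is_authorized_globals_off(array $request): bool
{
    $authorized = false;
    $user = isset($request['user']) && is_string($request['user'])
        ? $request['user']
        : '';
    if ($user === 'admin') {
        $authorized = true;
    }
    return $authorized;
}

// Same constructed request through both styles.
var_dump(is_authorized_globals_on($request));
var_dump(is_authorized_globals_off($request));
```

Code written in the second style behaves the same whether the server has the setting on or off, which is why it is the portable choice for scripts that will run on other people's hosts.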
#18677 - 09/24/05 12:28 AM Re: PHP 5.0 to a beginner
Joined: Sep 2005
Posts: 102
Testing Offline
UGN Member
Sacramento, CA
That's kind of what I was thinking. Learn with 'em on so I can learn this language without making it too friggin difficult on myself. Then when designing be security conscious.

Thanks for your input and info regarding hosts.

Since I'm self hosting for now I get to choose! lol


#18678 - 09/24/05 01:13 AM Re: PHP 5.0 to a beginner
Joined: Feb 2002
Posts: 7,194
Gremelin Offline
Community Owner
Portland, OR; USA
I prefer designing for PHP4, ensures more compatibility if you choose to move or sell scripts.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#18679 - 09/24/05 02:33 AM Re: PHP 5.0 to a beginner
Joined: Dec 2002
Posts: 3,255
§intå× Offline
Maryland
True!!! If you are developing for sales, bleeding edge is bad. You want 2 or 3 versions back I would say.


#18680 - 09/24/05 03:18 AM Re: PHP 5.0 to a beginner
Joined: Feb 2002
Posts: 7,194
Gremelin Offline
Community Owner
Portland, OR; USA
Quote:
Originally posted by int:
True!!! If you are developing for sales, bleeding edge is bad. You want 2 or 3 versions back I would say.
Word of advice; always program for sales ...


#18681 - 09/24/05 03:48 AM Re: PHP 5.0 to a beginner
Joined: Feb 2002
Posts: 7,194
Gremelin Offline
Community Owner
Portland, OR; USA
Since little rusty over there decided to post some of his favorite functions I went and built my own; as you can see, most of my favs deal with the file system vs much else...

file_exists:
http://us2.php.net/manual/en/function.file-exists.php

file:
http://us2.php.net/manual/en/function.file.php

fopen/fclose:
http://us2.php.net/fopen
http://us2.php.net/manual/en/function.fclose.php

fsockopen:
http://us2.php.net/manual/en/function.fsockopen.php

other disk/file functions:
http://us2.php.net/manual/en/function.disk-free-space.php
http://us2.php.net/manual/en/function.disk-total-space.php
http://us2.php.net/manual/en/function.chmod.php
http://us2.php.net/manual/en/function.copy.php
http://us2.php.net/manual/en/function.delete.php
http://us2.php.net/manual/en/function.filesize.php
http://us2.php.net/manual/en/function.filetype.php
http://us2.php.net/manual/en/function.flock.php
http://us2.php.net/manual/en/function.is-writable.php
http://us2.php.net/manual/en/function.touch.php

As you can see, none of the "persistent" options are in my favorites; the reason is that persistent connections can be dirty and, if not used properly, can tear a server to its knees; working for a webhost for 3 years I've seen this with numerous scripts.


#18682 - 09/24/05 05:03 PM Re: PHP 5.0 to a beginner
Joined: Feb 2002
Posts: 7,194
Gremelin Offline
Community Owner
Portland, OR; USA
BTW, if you're going to go off playing with MySQL you should also look into:
http://us2.php.net/manual/en/function.str-replace.php
http://us2.php.net/manual/en/function.stripslashes.php
http://us2.php.net/manual/en/function.strip-tags.php

so you don't go and get yourself owned...


#18683 - 09/25/05 02:02 AM Re: PHP 5.0 to a beginner
Joined: Sep 2005
Posts: 102
Testing Offline
UGN Member
Sacramento, CA
Thanks Gizmo!

I will be developing for sales. However first I have plenty of developing for practice, mistakes, and learning to not "get owned"! Again thanks for the links as I can guarantee I will be previewing all of them.

Fortunately I have taken a database design class using Oracle. So when it comes to the database I will be ok with normalization (about the only real info I remember from the class). LOL

I figure over the next week or so I will just be doing the examples from the books I'm reading (PHP AND MYSQL FOR DYNAMIC WEB SITES written by Larry Ullman, and Learning PHP 5 written by David Sklar, an O'Reilly book).

I wonder how it's going to be learning PHP from 2 books that cover different versions. lol
Might be a tad quirky sometimes but whatever, I'll get through it.

Thanks again everyone.


#18684 - 09/25/05 02:41 AM Re: PHP 5.0 to a beginner
Joined: Feb 2002
Posts: 7,194
Gremelin Offline
Community Owner
Portland, OR; USA
Well, if you're going to, eventually, design for sales; you should look into MySQL as your DB of choice as it's going to be what 99% of your users would use ...

See PM btw...


#18685 - 09/28/05 03:00 PM Re: PHP 5.0 to a beginner
Joined: Dec 2002
Posts: 3,255
§intå× Offline
Maryland
If you are going into MySQL, get very used to reading the manual on their site.
http://dev.mysql.com/doc/mysql/en/tutorial.html

Also see their forums
http://forums.mysql.com/

for their PHP forum
http://forums.mysql.com/list.php?52

Most MySQL you can just see the info on PHP.net and run with it. Some tricky stuff you will need to look at their manual and play with the PHP code to get it to work.


PHP.net MySQL functions
http://us2.php.net/manual/en/ref.mysql.php

