NYCPHP Meetup

NYPHP.org

[nycphp-talk] "The Web is broken and it's all your fault."

Rob D rob2005 at ozemail.com.au
Fri Sep 15 17:59:57 EDT 2006


Greetings from South Australia,

Firstly, I just want to say I have been a reader of this list for a few 
years now and I would like to say thank you to everyone at NYPHP and 
other contributors to this list for the informative discussions, ideas 
and techniques that take place here.

Regarding the current topic, I enjoy reading and as such have read many 
articles and tutorials over the years both on private sites and at the 
popular developer haunts.

One thing that I have noticed repeatedly is that anytime someone 
actually comments or gives advise about security concerns with the code 
presented in an article, the concerns are:

1. Totally ignored.

2. The author of the code responds with "I am only trying to present the 
basics here".

3. The author ends up making nasty or obscene posts about the person who 
provided the constructive criticism, not only on their own site but on 
other popular sites.

More often than not the article remains unchanged, and sometimes you 
even see the code end up in a project for download elsewhere by someone 
other than the author.

With regards point 2, surely these days including proper security is 
part of the basics!

As Chris points out in his excellent book, there is not that much extra 
coding involved to provide or fix these issues. And whats more Chris and 
a couple of others have even provided downloadable sample chapters that 
cover these basics for free, without even buying their books.

So why do these basic issues continually happen with all the excellent 
resources available to help prevent them in the first place?

I really don't know!

Anyway thanks for reading. These are just my observations of which I am 
sure many of you have noticed too.

Kind regards

Rob







More information about the talk mailing list