PHP Secure Framework October 01, 2017 PHP Secure Framework [–]LtAramaki 12 points 3 days ago I'm afraid if you have ambitions to create a secure framework, you need to have great understanding of security. The way you blindly trust proxy headers in your is_ssl() function implies you don't understand the dangers of reading proxy headers when you're not behind a proxy. And then there's this which... is anyone's guess what it does, because it's not documented, and it kind of makes no sense: function filter_url($url) { // remove characters we do not support return preg_replace('/[^A-Za-z0-9 ]/', '', $url); } What kind of a "URL" is alphanumeric with spaces and nothing else? Literally no URL. I recommend you read the materials on OWASP and keep practicing. Good luck. Also... do check out objects. ;-) Share Get link Facebook X Pinterest Email Other Apps Labels best php best php training php codes php coding php training php training trivandrum php updates php world Programming tricks web development Share Get link Facebook X Pinterest Email Other Apps Comments
Comments
Post a Comment