REQUEST: database security issues in PHP manual - Mailing list pgsql-admin

From Gyozo Papp
Subject REQUEST: database security issues in PHP manual
Date
Msg-id 01f001c197e5$1a6de840$01fdfea9@jaguar
Whole thread Raw
List pgsql-admin
 Hello,

 I' m currently working with the PHPDOC team on maintaining and
 keeping up-to-date the PHP manual. I proposed in the PHPDOC
 list to include some information about database security issues.
It aims to be an introduction into the very basics of how to
access and manipulate databases within PHP scripts. (the SQL
 injection was that started up this idea.)

 If you have any spare time to write a short paragraph or expose
a commonly used bad practise which can be hacked easily or
 knowing a sitepage that's worth reading it, please let me know!

 I hope you may share your valuable knowledge about this topic,
 because I'm not a security professional who has been around a
very lot (but not a newbie).

 I' m about to gather as much information as possible to
formulate the startings.

 As an ex member of this mailing list I expect your proposals,
but please note that the primary goal of this article will be
an overview about how to use _any database_ in a _web based_
 application what to allow and what to resist, not specifically
PostgreSQL. However I'm happy to receive such information, too.
(I've personally never used anything else but postgres :))
If a reasonable amount of tips and hints were received related
 to postgres, then a database specific section would be opened
 in the PHP manual, too.

 Best regards,

 --
 Gyozo Papp
  - gerzson@php.net              PS please CC me your replies!



pgsql-admin by date:

Previous
From: Peter Eisentraut
Date:
Subject: Re: unknown index
Next
From: RED
Date:
Subject: change one database to other