Which server-side programming should i choose.
matt at proweb.co.uk
Fri Jul 4 02:20:23 PDT 2003
Matthew Seaman wrote:
>On Fri, Jul 04, 2003 at 10:26:47AM +1000, JacobRhoden wrote:
>>Even though this is getting waaay off topic...
>> On Thu, 3 Jul 2003 07:46 pm, Matt Heath wrote:
>> > Ever seen something like this :
>> > $r = mysql_execute("select * from table_1 where id=$_GET[id];");
>>Actually people do do the same thing and perl and you know it :P Both perl and
>>php support calling sql with parameters using ? to insert variables. If
>>someone does not know what language to use at all, I would suggest php simply
>>because its a good, quick, easy language to get started in without too much
>>difficulty. (In lots of ways including not needing to understand cgi
>>variables, and what the heck Content-type: text/html\n\n is, or learning how
>>to include perl librarys to do all that stuff for you!)
>You're missing the point. $_GET[id] is one of the arguments used when
>calling the PHP and as such is completely under the control of an
perl has the "tainted" construct for this and will refuse certain
operations with tainted data.
But my challenge was Kevin Kinsey's assertion :
> [PHP is] likely to be more secure than Perl if used as Apache module than CGI.
and I want to know why ?
More information about the freebsd-questions