[Phpwm] Function to calculate a formula

pete graham petegraham1 at gmail.com
Tue Dec 4 15:02:21 GMT 2007


Tell people with Javascript turned off to go and buy a calculator ;-)

Pete

On 04/12/2007, Phil Beynon <phil at infolinkelectronics.co.uk> wrote:
> > As we are all justifiably paranoid about users pumping malicious input
> > into eval() wouldn't it be best/safest to calculate these relatively
> > simple sums using JavaScript instead?
> >
> > Pete
>
> On a lot of little sites it probably doesn't matter a fig, but if that site
> grows organically to a larger site it could have exploitable holes all over
> it. So a lot of the design side is about getting a mindset that covers
> possibilities for abuse and using good programming techniques that
> minimise the holes.
> Some people do have javascript turned off, so that wouldn't allow a fallback
> easily.
>
> This is one of the reasons I don't really like using huge chunks of other
> people's code and frameworks since you can build in identifiable
> vulnerabilities.
> For the best security the best approach is using a FORTH type programming
> technique where the entire sitewide code block is a function built of
> functions, that way as soon as a vulnerability becomes known it can be
> overcome via altering only one function.
>
> Phil
>
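
An added example, not part of the original thread: one way to calculate a user-supplied formula in JavaScript without eval(), using a small recursive-descent parser so that only numbers, + - * / and parentheses are ever interpreted. The function name `safeCalc` and the 200-character limit are assumptions made for illustration.

```javascript
// Added example: evaluate user-supplied arithmetic without eval().
// Grammar: expr   := term (('+'|'-') term)*
//          term   := factor (('*'|'/') factor)*
//          factor := number | '(' expr ')' | '-' factor
const MAX_LEN = 200; // assumed limit; also bounds parser recursion depth

function safeCalc(input) {
  if (typeof input !== 'string' || input.length > MAX_LEN) {
    throw new Error('formula must be a string of at most ' + MAX_LEN + ' characters');
  }
  // Tokenise: numbers, operators, or any other single non-space character.
  // The parser below rejects every token that is not on its allow-list.
  const tokens = input.match(/\d+(?:\.\d+)?|[-+*\/()]|\S/g) || [];
  let pos = 0;

  function factor() {
    const t = tokens[pos++];
    if (t === undefined) throw new Error('unexpected end of formula');
    if (t === '-') return -factor();
    if (t === '(') {
      const v = expr();
      if (tokens[pos++] !== ')') throw new Error('missing )');
      return v;
    }
    if (/^\d/.test(t)) return parseFloat(t);
    throw new Error('unexpected token: ' + t); // letters, quotes, ';' end up here
  }
  function term() {
    let v = factor();
    while (tokens[pos] === '*' || tokens[pos] === '/') {
      const op = tokens[pos++];
      const rhs = factor();
      if (op === '/' && rhs === 0) throw new Error('division by zero');
      v = op === '*' ? v * rhs : v / rhs;
    }
    return v;
  }
  function expr() {
    let v = term();
    while (tokens[pos] === '+' || tokens[pos] === '-') {
      const op = tokens[pos++];
      const rhs = term();
      v = op === '+' ? v + rhs : v - rhs;
    }
    return v;
  }
  const result = expr();
  if (pos !== tokens.length) throw new Error('unexpected token: ' + tokens[pos]);
  return result;
}
```
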


