Secure coding practice
1 post
• Page 1 of 1
Secure coding practice
by doorknob » Fri Nov 07, 2008 1:25 pm
I've been examining all of the components in my development site for security vulnerabilities, specifically whether variables (rather than constants) are used in include() statements because these represent a potential security vulnerability.
Your code makes use of a global variable in this way. It does appear to be secure because it is set without using variables just before it is used (or I would be contacting you privately) but can I request that you change to using a constant instead of a global variable ($xmapComponentPath) so that we can all be more confident.
Thanks
Phil
Your code makes use of a global variable in this way. It does appear to be secure because it is set without using variables just before it is used (or I would be contacting you privately) but can I request that you change to using a constant instead of a global variable ($xmapComponentPath) so that we can all be more confident.
Thanks
Phil
- doorknob
- Junior Boarder
- Posts: 27
- Joined: Thu Aug 07, 2008 9:30 pm
1 post
• Page 1 of 1
Who is online
Users browsing this forum: Google [Bot] and 3 guests