SitePoint Sponsor

User Tag List

Page 2 of 2 FirstFirst 12
Results 26 to 42 of 42

Thread: is PHP Secure?

  1. #26
    SitePoint Wizard mark_W's Avatar
    Join Date
    Mar 2004
    Location
    West Midlands, United Kingdom
    Posts
    2,631
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by computerages
    In my opinion, PHP is more secure than ASP and more powerful. You could do anything with PHP, which you might not be able to do with ASP. Such as, PHP supports the wide variety of database servers, but ASP suopports only MS-SQL or ODBC (as far as I know).. And another advantage of using PHP that it is an opensource, you could develop it yourself if you know C language; on the other hand, you have to pay money to Micrsoft if you are using ASP...
    You might want to read up more before you come to those conclusions!

    - Mark

  2. #27
    Free Geek computerages's Avatar
    Join Date
    Oct 2004
    Location
    /dev/null
    Posts
    1,071
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by mark_W
    You might want to read up more before you come to those conclusions!

    - Mark
    Hey mark_W,

    Nice to hear your comments about what I said. If you *really* think that I said something wrong which is not exist in the planet known as earth, then correct me and stop saying "You might want to read up more before you come to those conclusions!", which describes yourself as an idiot!

  3. #28
    Wanna-be Apple nut silver trophy M. Johansson's Avatar
    Join Date
    Sep 2000
    Location
    Halmstad, Sweden
    Posts
    7,400
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by bdunlap
    Don't forget IIS 5.x (since win2k is still the majority, AFAIK)
    http://secunia.com/product/39/
    11 advisories

    The reason I didn't quote the IIS5 stats is that IIS 5/W2K is a total piece of crap compared to Server 2003/IIS6, and nobody in their sane mind would pick it for hosting a web site when picking a platform right now. That it is in a majority is one thing, but really not relevant to the discussion.


    and PHP 5.0.x
    http://secunia.com/product/3919/
    2 advisories
    Ah. My mistake there. I didn't find PHP 5 on secunia, so I assumed that it simply didn't have any vulnerabilities yet. It's hasn't been out for too long.
    Mattias Johansson
    Short, Swedish, Web Developer

    Buttons and Dog Tags with your custom design:
    FatStatement.com

  4. #29
    SitePoint Wizard mark_W's Avatar
    Join Date
    Mar 2004
    Location
    West Midlands, United Kingdom
    Posts
    2,631
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by computerages
    Hey mark_W,

    Nice to hear your comments about what I said. If you *really* think that I said something wrong which is not exist in the planet known as earth, then correct me and stop saying "You might want to read up more before you come to those conclusions!", which describes yourself as an idiot!
    Im not going to insult you because I will just be as bad as you then!

    Also, what does, If you *really* think that I said something wrong which is not exist on this planet known as earth mean! That sentance doesnt even make sense!

    - Mark

  5. #30
    Free Geek computerages's Avatar
    Join Date
    Oct 2004
    Location
    /dev/null
    Posts
    1,071
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by mark_W
    Im not going to insult you because I will just be as bad as you then!

    Also, what does, If you *really* think that I said something wrong which is not exist on this planet known as earth mean! That sentance doesnt even make sense!

    - Mark
    I know what you are pointing to... But I won't be as bad as you, because sometimes giving up is considered right.

    Have a good day, and Happy New Year!

  6. #31
    SitePoint Wizard mark_W's Avatar
    Join Date
    Mar 2004
    Location
    West Midlands, United Kingdom
    Posts
    2,631
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by computerages
    I know what you are pointing to... But I won't be as bad as you, because sometimes giving up is considered right.

    Have a good day, and Happy New Year!
    Whatever, Happy new year and best wishes for 2005. Its all a matter of opinions!!!



    - Mark

  7. #32
    SitePoint Wizard silver trophybronze trophy asp_funda's Avatar
    Join Date
    Jun 2003
    Location
    ether
    Posts
    4,497
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    Cool

    Quote Originally Posted by M. Johansson
    IIS 5/W2K is a total piece of crap compared to Server 2003/IIS6, and nobody in their sane mind would pick it for hosting a web site when picking a platform right now.
    Well, the number of hosts giving out the Win2003 is still less than the ones offering Win2000. So quite a lot of users don't have any choice(given the fact that they have some reason, like pricing or making payments etc., for which they can't avail the services of a Win2003 host).
    Also, quite a lot of Win2003 hosts have Win2003 Web Edition. Is that Ok compared to Win2003 Enterprise Edition that some high-end hosts have? Or is the enterprise edition better for hosting?


    Quote Originally Posted by M. Johansson
    I didn't find PHP 5 on secunia, so I assumed that it simply didn't have any vulnerabilities yet. It's hasn't been out for too long.
    PHP5 is somewhat new but there's already been quite a lot of issues with it, especially the version for Windows. And recently a serious bug was found in all of PHP4 & PHP5 releases, which prompted the release of v4.3.10 & v5.0.3
    Our lives teach us who we are.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Me - Photo Blog - Personal Blog - Dev Blog
    iG:Syntax Hiliter -- Colourize your code in WordPress!!

  8. #33
    Wanna-be Apple nut silver trophy M. Johansson's Avatar
    Join Date
    Sep 2000
    Location
    Halmstad, Sweden
    Posts
    7,400
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by asp_funda
    Well, the number of hosts giving out the Win2003 is still less than the ones offering Win2000. So quite a lot of users don't have any choice(given the fact that they have some reason, like pricing or making payments etc., for which they can't avail the services of a Win2003 host).
    Also, quite a lot of Win2003 hosts have Win2003 Web Edition. Is that Ok compared to Win2003 Enterprise Edition that some high-end hosts have? Or is the enterprise edition better for hosting?
    There is absolutely no reason to pick a Win2000 host over a win2003 host really. The pricing differences are miniscule, and Win2003 is enourmously better. Server2003 also has a cheap Web Edition, specifically adapted for web hosting. (as far as I know, it's the same as the other edition, lacking some features not generally needed for web hosting)
    Mattias Johansson
    Short, Swedish, Web Developer

    Buttons and Dog Tags with your custom design:
    FatStatement.com

  9. #34
    SitePoint Wizard silver trophybronze trophy asp_funda's Avatar
    Join Date
    Jun 2003
    Location
    ether
    Posts
    4,497
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    Cool

    Quote Originally Posted by M. Johansson
    Server2003 also has a cheap Web Edition, specifically adapted for web hosting. (as far as I know, it's the same as the other edition, lacking some features not generally needed for web hosting)
    Ok, so if I go in for a dedicated server, getting the Web Edition would be alright instead of the full edition if hosting can be done on it without any difference, no?
    Our lives teach us who we are.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Me - Photo Blog - Personal Blog - Dev Blog
    iG:Syntax Hiliter -- Colourize your code in WordPress!!

  10. #35
    SitePoint Enthusiast
    Join Date
    Nov 2004
    Location
    Arizona, USA
    Posts
    94
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by M. Johansson
    The reason I didn't quote the IIS5 stats is that IIS 5/W2K is a total piece of crap compared to Server 2003/IIS6, and nobody in their sane mind would pick it for hosting a web site when picking a platform right now. That it is in a majority is one thing, but really not relevant to the discussion.




    Ah. My mistake there. I didn't find PHP 5 on secunia, so I assumed that it simply didn't have any vulnerabilities yet. It's hasn't been out for too long.
    Just wanted to make sure you were being thorough..

    I wonder if anyone could find some "statistics" regarding the rate of exploitation of the vulnerabilities mentioned.. That information would probably be much more relevant to OP's original inquiry..

    Quote Originally Posted by Mark Twain
    There are lies, damned lies and statistics..

  11. #36

    Join Date
    Oct 2003
    Location
    €uroLand
    Posts
    1,340
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by asp_funda
    Ok, so if I go in for a dedicated server, getting the Web Edition would be alright instead of the full edition if hosting can be done on it without any difference, no?
    There are differences. You cannot (respectively must not) run a MS SQL Server.

  12. #37
    SitePoint Wizard silver trophybronze trophy asp_funda's Avatar
    Join Date
    Jun 2003
    Location
    ether
    Posts
    4,497
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    Cool

    Quote Originally Posted by drzoid
    There are differences. You cannot (respectively must not) run a MS SQL Server.
    Why? Can't MS-SQL run on the Win2003 Web Edition? Then how do some hosts provide it on the web edition? I guess they offer MSDE, no?
    Our lives teach us who we are.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Me - Photo Blog - Personal Blog - Dev Blog
    iG:Syntax Hiliter -- Colourize your code in WordPress!!

  13. #38

    Join Date
    Oct 2003
    Location
    €uroLand
    Posts
    1,340
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by asp_funda
    Why? Can't MS-SQL run on the Win2003 Web Edition? Then how do some hosts provide it on the web edition? I guess they offer MSDE, no?
    Well, its a good question whether its a technical or license issue, but I have to pass on this. More information about the limitations is at http://www.microsoft.com/windowsserv.../web.mspx#ECAA

  14. #39
    Wanna-be Apple nut silver trophy M. Johansson's Avatar
    Join Date
    Sep 2000
    Location
    Halmstad, Sweden
    Posts
    7,400
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by asp_funda
    Why? Can't MS-SQL run on the Win2003 Web Edition? Then how do some hosts provide it on the web edition? I guess they offer MSDE, no?
    Generally, MSSQL is run on a separate server, one that probably run standard or enterprise edition of Server 2003. This is a more realistic solution for most sites, because SQL Server licences are quite expensive, and a waste of money if you don't have a very large load on the DB.
    Mattias Johansson
    Short, Swedish, Web Developer

    Buttons and Dog Tags with your custom design:
    FatStatement.com

  15. #40
    Non-Member bronze trophy geniusgoalie's Avatar
    Join Date
    Sep 2004
    Location
    Buffalo, USA
    Posts
    979
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by M. Johansson
    Generally, MSSQL is run on a separate server, one that probably run standard or enterprise edition of Server 2003. This is a more realistic solution for most sites, because SQL Server licences are quite expensive, and a waste of money if you don't have a very large load on the DB.
    let's blame it all on microsoft

  16. #41
    SitePoint Wizard silver trophybronze trophy asp_funda's Avatar
    Join Date
    Jun 2003
    Location
    ether
    Posts
    4,497
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    Angry

    Quote Originally Posted by drzoid
    Well, its a good question whether its a technical or license issue, but I have to pass on this. More information about the limitations is at http://www.microsoft.com/windowsserver2003/evaluation/overview/web.mspx#ECAA
    Now that is really annoying that you can't run SQL Server on the Web-Edition & have to get a higher version for that? Microsoft says that the WebEdition is for deploying web applications only, so are they confessing that SQL Server is not for web applications & it shouldn't be used for it?
    Our lives teach us who we are.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Me - Photo Blog - Personal Blog - Dev Blog
    iG:Syntax Hiliter -- Colourize your code in WordPress!!

  17. #42
    Wanna-be Apple nut silver trophy M. Johansson's Avatar
    Join Date
    Sep 2000
    Location
    Halmstad, Sweden
    Posts
    7,400
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by asp_funda
    Now that is really annoying that you can't run SQL Server on the Web-Edition & have to get a higher version for that? Microsoft says that the WebEdition is for deploying web applications only, so are they confessing that SQL Server is not for web applications & it shouldn't be used for it?
    It's simply an edition of Windows designed for Web servers, not SQL servers. If you use Web edition, you will probably want to run a separate SQL server.
    Mattias Johansson
    Short, Swedish, Web Developer

    Buttons and Dog Tags with your custom design:
    FatStatement.com


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •