SitePoint Sponsor

User Tag List

Results 1 to 7 of 7
  1. #1
    Non-Member
    Join Date
    Dec 2012
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Which is secure website?

    Which is secure website? PHP or .NET
    Last edited by ralph.m; Dec 10, 2012 at 03:30. Reason: removed link

  2. #2
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,789
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    They are two slightly different things but neither has ANY actual security issues in it apart from those you put there - usually when you do not properly validate inputs.

    Any security problems are 99.9999999999999999999999% certain to be poor code on the part of the person using it rather than an issue with the language/interface itself.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  3. #3
    SitePoint Wizard wonshikee's Avatar
    Join Date
    Jan 2007
    Posts
    1,223
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    I would argue that .NET has a higher security standard since it's a framework and forces you to do things a certain way. PHP can be just as secure, however it leaves it up to the developer to know what to do.

  4. #4
    Always A Novice bronze trophy
    K. Wolfe's Avatar
    Join Date
    Nov 2003
    Location
    Columbus, OH
    Posts
    2,178
    Mentioned
    63 Post(s)
    Tagged
    2 Thread(s)
    Quote Originally Posted by wonshikee View Post
    I would argue that .NET has a higher security standard since it's a framework and forces you to do things a certain way. PHP can be just as secure, however it leaves it up to the developer to know what to do.
    Though there are frameworks available that handle most of the security for you, as well as decrease development time.

  5. #5
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,789
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by wonshikee View Post
    I would argue that .NET has a higher security standard since it's a framework and forces you to do things a certain way. PHP can be just as secure, however it leaves it up to the developer to know what to do.

    If that is the case then in what way is vb.net any more or less secure than php.net? Also in what way is PHP running on .net any more or less secure than PGP running on an alternate interface?
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  6. #6
    SitePoint Wizard wonshikee's Avatar
    Join Date
    Jan 2007
    Posts
    1,223
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by K. Wolfe View Post
    Though there are frameworks available that handle most of the security for you, as well as decrease development time.
    Of course, as I stated PHP is just as secure given the developer knows what to do, but PHP in itself does not enforce many things that a framework may.

  7. #7
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,789
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    Even if you do use a framework, it isn't going to properly validate all your input fields for you and so it would still be possible for someone to fill the database with junk. You need proper validation on all the inputs in order to implement real security that prevents any form of junk being entered and not just junk that might happen to be more destructive.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •