SitePoint Sponsor

User Tag List

Results 1 to 7 of 7

Thread: Which is secure website?

  1. Dec 10, 2012 01:17 #1
    nicholas3972
    nicholas3972 is offline
    Non-Member
    Join Date
    Dec 2012
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Which is secure website?

    Which is secure website? PHP or .NET
    Last edited by ralph.m; Dec 10, 2012 at 03:30. Reason: removed link
    Reply With Quote Reply With Quote
  2. Dec 10, 2012 02:01 #2
    felgall
    felgall is offline
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    15,819
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    They are two slightly different things but neither has ANY actual security issues in it apart from those you put there - usually when you do not properly validate inputs.

    Any security problems are 99.9999999999999999999999% certain to be poor code on the part of the person using it rather than an issue with the language/interface itself.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">
    Reply With Quote Reply With Quote
  3. Dec 10, 2012 11:41 #3
    wonshikee
    wonshikee is offline
    SitePoint Wizard wonshikee's Avatar
    Join Date
    Jan 2007
    Posts
    1,223
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    I would argue that .NET has a higher security standard since it's a framework and forces you to do things a certain way. PHP can be just as secure, however it leaves it up to the developer to know what to do.
    Reply With Quote Reply With Quote
  4. Dec 10, 2012 14:59 #4
    K. Wolfe
    K. Wolfe is offline
    Always A Novice bronze trophy
     K. Wolfe's Avatar
    Join Date
    Nov 2003
    Location
    Columbus, OH
    Posts
    1,863
    Mentioned
    28 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by wonshikee View Post
    I would argue that .NET has a higher security standard since it's a framework and forces you to do things a certain way. PHP can be just as secure, however it leaves it up to the developer to know what to do.
    Though there are frameworks available that handle most of the security for you, as well as decrease development time.
    <?php
    //Kyle Wolfe
    echo devBlog("My Dev Notes");
    Reply With Quote Reply With Quote
  5. Dec 10, 2012 15:40 #5
    felgall
    felgall is offline
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    15,819
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by wonshikee View Post
    I would argue that .NET has a higher security standard since it's a framework and forces you to do things a certain way. PHP can be just as secure, however it leaves it up to the developer to know what to do.

    If that is the case then in what way is vb.net any more or less secure than php.net? Also in what way is PHP running on .net any more or less secure than PGP running on an alternate interface?
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">
    Reply With Quote Reply With Quote
  6. Dec 10, 2012 17:57 #6
    wonshikee
    wonshikee is offline
    SitePoint Wizard wonshikee's Avatar
    Join Date
    Jan 2007
    Posts
    1,223
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by K. Wolfe View Post
    Though there are frameworks available that handle most of the security for you, as well as decrease development time.
    Of course, as I stated PHP is just as secure given the developer knows what to do, but PHP in itself does not enforce many things that a framework may.
    Reply With Quote Reply With Quote
  7. Dec 10, 2012 19:26 #7
    felgall
    felgall is offline
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    15,819
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Even if you do use a framework, it isn't going to properly validate all your input fields for you and so it would still be possible for someone to fill the database with junk. You need proper validation on all the inputs in order to implement real security that prevents any form of junk being entered and not just junk that might happen to be more destructive.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules