Results 1 to 2 of 2

Thread: Anyone see a online tool that tests if the php code is secure?

  1. #1
    Join Date
    Apr 2007
    Location
    LA
    Posts
    14
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default Anyone see a online tool that tests if the php code is secure?

    Kind of a cut and paste option that checks for basic security flaws.

    thanks!

  2. #2
    Join Date
    Jul 2006
    Location
    Canada
    Posts
    2,581
    Thanks
    13
    Thanked 28 Times in 28 Posts

    Default

    Unless you're using variables in your url to correspond with php scripts using fread, fopen, mkdir, etc. there isn't much to check for security.
    Generally php is a very language (in the aspect that it can't be read by the "view source").

    An example of insecure code:
    Code:
    <?php
    mkdir($_GET["dir"]);
    ?>
    Would take the dir variable from the url and make a directory.
    - Mike

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •