[nycphp-talk] "The Web is broken and it's all your fault."

Keith Casey mailinglists at
Thu Sep 14 09:00:36 EDT 2006

On 9/14/06, michael <lists at> wrote:
>         a. newbies haven't been burned yet or don't know best practices
>         b. popularity brings the dark side for low hanging fruit

I think there's another problem related to these two.  There are a
number of open source apps out there setting horrible examples for the
rest of us.  I - like many around here most likely - picked up php
coming from other languages.  Therefore, since I knew the concepts and
wanted to focus on syntax, my tendency was to look at how other people
were doing things and learn from there.

>         c. terms like 'x-site scripting' and 'db injection' are
>                 confusing buzzwords to the newly introduced and (despite
>                 efforts) are not defined well enough; besides,
>                 buzzwords get ignored anyway.

Last night at DCPHP, I was speaking with a couple people who hadn't
heard of either concept.  After a quick walkthrough, it started to
make sense to them, but I was surprised at their ignorance (in the
strictest definition of the word).

> 3. it isn't preached enough

And it needs to be hammered into people... some on this list have been
responsible for driving this area but I think it needs to go a step
farther.  Any idea what that step should be?


D. Keith Casey Jr.
CEO, CaseySoftware, LLC
