Join Hackr.io to get personalized course recommendations for you.

PHP The Right Way (phptherightway.com)

Visita Tutorial
Gratis
Top Three Medal #1 de un total de 52 PHP Tutoriales y Cursos 27.1k+ vistas

remitente

Khairul Anuar
1380 puntos

¿Por qué a los programmers les gusta este tutorial?

Calidad del contenido

Instructor calificado

Profundidad del curso y cobertura

Calidad de video

Ritmo del curso

Escribe tu reseña de este tutorial:

También puede hacer preguntas o proporcionar cualquier información que pueda ser útil para las personas que toman este curso.

Matthias Hogerheijde
hace 4 años

Right,.. the "right way",.. and it is telling us to execute arbitrary code over the network by running "curl -s https://getcomposer.org/installer | php"... that's wrong on so many levels.

Gaurav Gupta
Gaurav Gupta 42731 Points

@matthias-hogerheijde You can always download the code and see what you are installing. Isn't that the same with almost everything else?

Matthias Hogerheijde

@gaurav-gupta It is not the same, because you need a level/web of trust. The act of trusting https://getcomposer.org/installer is not wrong in and of itself, teaching people to blindly copy-paste a command that does remote-code execution is the point that I'm fussing about. We should teach everyone to *first* find out what the level of trust is they put in something. Either by looking at the code and understanding it; or by making sure others (that you trust) have. So the least you should do is explain _why_ you trust the content of https://getcomposer.org/installer _before_ you tell others to blindly run that code. Then, I can figure out if your trust in them means anything to me. If so, I'll follow your advice. If not: I need to double-check.

Again: it's not about the actual command; it's about telling people that this is normal. It shouldn't be.

Square Boat
Square Boat 10 Points

@gaurav-gupta @matthias-hogerheijde Yups, you're right.

Mdimran Khan016
Mdimran Khan016 10 puntos
hace 3 meses

basic php code

Leo Torres
Leo Torres 10 puntos
hace 8 meses

How up to date is this?