PHP The Right Way (phptherightway.com)

Посетить учебник
Свободно
Top Three Medal #1 из общего количества 60 PHP Учебники и курсы 32.4k+ Просмотры

податель

Khairul Anuar
1990 точки

Почему зрителям нравится этот урок?

Качество контента

Квалифицированный инструктор

Глубина курса и охват

Качество видео

Курс Pace

Напишите свой обзор этого урока:

Вы также можете задавать вопросы или предоставлять любую информацию, которая может быть полезна людям, проходящим этот курс..

Matthias Hogerheijde
Matthias Hogerheijde 50 точки
6 лет назад

Right,.. the "right way",.. and it is telling us to execute arbitrary code over the network by running "curl -s https://getcomposer.org/installer | php"... that's wrong on so many levels.

Gaurav Gupta
Gaurav Gupta 59065 Points

@matthias-hogerheijde You can always download the code and see what you are installing. Isn't that the same with almost everything else?

Matthias Hogerheijde

@gaurav-gupta It is not the same, because you need a level/web of trust. The act of trusting https://getcomposer.org/installer is not wrong in and of itself, teaching people to blindly copy-paste a command that does remote-code execution is the point that I'm fussing about. We should teach everyone to *first* find out what the level of trust is they put in something. Either by looking at the code and understanding it; or by making sure others (that you trust) have. So the least you should do is explain _why_ you trust the content of https://getcomposer.org/installer _before_ you tell others to blindly run that code. Then, I can figure out if your trust in them means anything to me. If so, I'll follow your advice. If not: I need to double-check.

Again: it's not about the actual command; it's about telling people that this is normal. It shouldn't be.

Square Boat
Square Boat 10 Points

@gaurav-gupta @matthias-hogerheijde Yups, you're right.

Gayatri Chauhan
Gayatri Chauhan 10 точки
1 месяц назад

+?*

Gayatri Chauhan
Gayatri Chauhan 10 точки
1 месяц назад

@1

Mdimran Khan016
Mdimran Khan016 10 точки
2 года назад

basic php code

Leo Torres
Leo Torres 10 точки
2 года назад

How up to date is this?