Need a discount on popular programming courses? Find them here. View offers

PHP The Right Way (phptherightway.com)

Visit Tutorial
report

What's the issue?
Free
Top Three Medal #1 out of total 20 PHP Tutorials and Courses 39.8k+ views / Published March 19, 2015

submitter

Khairul Anuar
Khairul Anuar
2090 points

Why programmers like this tutorial?

Content quality

Qualified Instructor

Course depth and Coverage

Video quality

Course Pace

Write your review of this tutorial:

You can also ask questions or provide any information that might be helpful to the people taking this course.

Matthias Hogerheijde
Matthias Hogerheijde 50 points
8 years ago

Right,.. the "right way",.. and it is telling us to execute arbitrary code over the network by running "curl -s https://getcomposer.org/installer | php"... that's wrong on so many levels.

report

Please tell us what's wrong with the comment. Thanks.

Gaurav Gupta
Gaurav Gupta 64815 Points

@matthias-hogerheijde You can always download the code and see what you are installing. Isn't that the same with almost everything else?

Matthias Hogerheijde
Matthias Hogerheijde 50 Points

@gaurav-gupta It is not the same, because you need a level/web of trust. The act of trusting https://getcomposer.org/installer is not wrong in and of itself, teaching people to blindly copy-paste a command that does remote-code execution is the point that I'm fussing about. We should teach everyone to *first* find out what the level of trust is they put in something. Either by looking at the code and understanding it; or by making sure others (that you trust) have. So the least you should do is explain _why_ you trust the content of https://getcomposer.org/installer _before_ you tell others to blindly run that code. Then, I can figure out if your trust in them means anything to me. If so, I'll follow your advice. If not: I need to double-check.

Again: it's not about the actual command; it's about telling people that this is normal. It shouldn't be.

Square Boat
Square Boat 10 Points

@gaurav-gupta @matthias-hogerheijde Yups, you're right.

Mdimran Khan016
Mdimran Khan016 10 points
4 years ago

basic php code

report

Please tell us what's wrong with the comment. Thanks.

Leo Torres
Leo Torres 10 points
4 years ago

How up to date is this?

report

Please tell us what's wrong with the comment. Thanks.

We recognized you are using an ad blocker.
We totally get it.

Still, ads support Hackr and our community. That's why we give you the option to donate to us, and we will switch ads off for you.

Already a member?