I was just looking through some old old old PHP code, I knew I never was the greatest coder, but I was pretty darn bad a couple of years ago.
My idea of security was just a random string of numbers, here’s a sample:
$id=$_GET['id'];
?>
IF ($id == "98493859") {
?>
The page would be displayed after that, nice and secure I see. Oh, and validation was an absolute no-no, I mean no hacker is every going to get into this are they?
Thankfully I’ve improved a bit since then, (I hope anyway).
It’s also weird to see what I’ve learnt recently, I’m still far from being an expert, but I think I know what I know quite well, I was updating a lot of the code on stuffatschool.com recently, the original had been published a few months ago, and to be quite honest, it was a security risk & then some, I’d left it displaying mysql error’s everywhere, not bothered with SQL injection, thankfully nothing every happened, and the new version is (I hope) much more secure. In fact in just the month or so I’d say I’ve made the most progress in terms of the learning curve, I’d say now I am more sensible & secure in what I do.
Anyone else ever done this? Looked back at something to realise how shoddy it was!
“Anyone else ever done this? Looked back at something to realise how shoddy it was!”
Erm … yes. Many a time.
I’m not even going to go into some of the stuff I used to do. *sigh*.