[prev in list] [next in list] [prev in thread] [next in thread] 

List:       secprog
Subject:    Re: PHP
From:       teo () gecadsoftware ! com
Date:       2001-08-24 8:31:05
[Download RAW message or body]

Hi Nathan!
On Wed, 22 Aug 2001, Nathan Cook wrote:

> From: <teo@gecadsoftware.com>
> > One can use a MVC model, and have only one entry in the site to do the
> > `dispatching'. That entry can do proper checkings and all.
> 
> It seems to me like it would be extremely simple to create an auto prepend
> script (http://www.zend.com/zend/spotlight/prepend.php#Heading3) and just have
> that run before every  page is processed to set the variables or unset the
> variables that are suspect.  That way no matter what page they entered on, you
> could regulate it.

yep, but such a page would have to know what is needed or not on a page, so it
would become a `fat server' to say so, keeping the track of all pages.

also true is that, by prepending it one can impose a specific policy, like on
hosted sites where the clients can have very little knowledge of these
aspects, but cannot think of a proper way to do that w/o being bound to the
logic of the application.

-- teodor

[prev in list] [next in list] [prev in thread] [next in thread]