[GTALUG] OwnCloud vs Nextcloud?
ac
ac at main.me
Tue Jul 12 02:23:24 EDT 2016
On Mon, 11 Jul 2016 23:13:25 -0400
Blaise Alleyne via talk <talk at gtalug.org> wrote:
<snip>
> There are well-designed and sophisticated PHP-based applications,
> like SabreDAV, like Symfony, like ownCloud/NextCloud. It's possible
> to write secure, well-designed code in PHP, and some people choose
> PHP because of it's broad accessibility for hosting, not because they
> don't know how to write secure code.
>
> I'm not that old, but I've seen and worked with my fair share of
> terrifying PHP applications... ownCloud/NextCloud isn't one of them.
> *shrugs*
>
just while on the topic of insecure php code... I started php dev in
2000 and some of the code from that time, up to 2005, is not all that
secure. (not even oop)
this is from that time, and maintained for intranet (not internet) use
up to 2009 - https://github.com/andrecoetzee/Accounting-123
even if you look at the php code from the early 2000's you will see
that the only obvious security issues are global variables, for the
rest of it, **not bad security** for that time period
Of course, as time (and experience) sets in, one and all learns a lot
and code from after 2012 looks a lot different :)
So, I guess what I am saying is that PHP sometimes has a bad
reputation also because it is so commonly used, like c, c is just as
easy and just as flexible, actually I think some of my old c code has
a lot more security issues than my old php code
Andre
More information about the talk
mailing list