Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:124635 X-Original-To: internals@lists.php.net Delivered-To: internals@lists.php.net Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5]) by qa.php.net (Postfix) with ESMTPS id B03C31A00B7 for ; Sat, 27 Jul 2024 01:18:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail; t=1722043193; bh=ZeqsHyCU/w6q999M5O18gx6CdFO4BPURSJwOEZcqksE=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=PKT5t1DhCr66pnZAZ1QkFKhlV/iAd154xXpP+2fCE8w0thXQk3cpLBF86h2sW/YGj rdB0M7ja+Ajab5/usMXHRWlfONwF16OTZdSlkLXqWNH9y3L/nYQkkE7pP2EKtrD/ff qWwxv3XhMMhxMliTK3sos4QxLRInxCo6FmEnrJP6ZVVHfh8hHSSr1nD/r6jZ9qKa3Z Sd5mj0z8399faIaWJ7G9FNKOetWaBFSStrQCklTAhq2htpd7pvKq4WTQ2Yvt3bFdal d7RA2sMrOs0y5Y8qWn/HdvKwny+C7b09Ji9T+bmR84KaN8uY6EGvpCGxzC2zMZFgGK LpIuBWa/TquKw== Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 1B3E3180048 for ; Sat, 27 Jul 2024 01:19:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on php-smtp4.php.net X-Spam-Level: ** X-Spam-Status: No, score=2.3 required=5.0 tests=BAYES_50,BODY_8BITS, DKIM_SIGNED,DKIM_VALID,DMARC_MISSING,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=no autolearn_force=no version=4.0.0 X-Spam-Virus: No X-Envelope-From: Received: from mail-yb1-f173.google.com (mail-yb1-f173.google.com [209.85.219.173]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Sat, 27 Jul 2024 01:19:51 +0000 (UTC) Received: by mail-yb1-f173.google.com with SMTP id 3f1490d57ef6-e0875f1e9edso247431276.1 for ; Fri, 26 Jul 2024 18:18:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=newclarity-net.20230601.gappssmtp.com; s=20230601; t=1722043095; x=1722647895; darn=lists.php.net; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=7C/G6NUep1cKZu/pEpR4w1qa8Toq6nar+pJwwN1Sf90=; b=sUjfkt4nChETo6mpl/cwEUqE2MOiThz9LGjp1bzSqBIhGdjSoUUgqDu6wQNM9E47sr Z621HCbKkC0XsMc54KcnxNlignzFf7Rkc1bH6sDtPnggLIlN7qRSnUUlAPdNQPsIpF/8 k64xbXdHj5ihYVwLjdHUZ4pM8Vw1bSOwXC1iO1J8A+QJba/zTJMTjy2sUH+IDqxfh58M WlaN3XuTN5P/TOiKOueSr+TLyrczO2TFjr+r4vn4mhFRJaNXmUe1ZQaCAAYTAg6C8/ah WKCfz+fD7EML72vfG2ox6X8BE90WmoJw+NsnyBl/7b82vMCsHfFIUXIZdtlWpU22eqg9 aI2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722043095; x=1722647895; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7C/G6NUep1cKZu/pEpR4w1qa8Toq6nar+pJwwN1Sf90=; b=WK3bpealEWtDpddgWXiSwCcOPOezocwBnQo1wXRnDoHXJv3q9JFo9LkJrPTYbWmfRZ rymfGAED3Iq3vTqICm9uX0Xb3jrwawVQrVUJ8b+nJm2jgmodomhs+pimcsk0mEbdddKY 9Ap19k06pTu+hLNrGVfuU1kXlnSR3EFL2JjDF7qKFZiN2RlXjdGIQuZ4uKx7AGGPQmha IyAAWlNDMfgbh5f+ocR1OVX4fds7ofvNV3MIUaJ12JC7wbTpZ9XP7tqsf7QyPmsyC3rC dTLMvflgkLFNXX5Wi4aAoKl11yyY9dExj7D4jjBM41Gv5hP4hrYqvgLCWHhT2J5SrWnJ TShw== X-Forwarded-Encrypted: i=1; AJvYcCWFlry1ZGOEnU9PFyXs5j0ROZKy4fDEoZgvliRckqPehb1/ccAbGadUp41r2U3vfCP1vhf/y+O1B4rQYiBrl6uF5pZFz7K+3Q== X-Gm-Message-State: AOJu0Yw/gYBFKMNS+HX8u+XdLf2tL+kOldM79tuzR13TXDiexDCeXv2Q 3iSw7krfNC3f3GBmnOoWlcpB79n6W2ZxlGj/7V+6rVJgdDC2Ia+pWzbQ1joW5YE= X-Google-Smtp-Source: AGHT+IGNlx0ZJqY1IUuaqAZ71Ns5RUjCMPp//55xQ8YaBpXvSdNO9S3LFd3HX4Vqt1+o1frGJ/FXdA== X-Received: by 2002:a05:6902:1104:b0:e08:664c:dd23 with SMTP id 3f1490d57ef6-e0b5449cd14mr1865416276.11.1722043095293; Fri, 26 Jul 2024 18:18:15 -0700 (PDT) Received: from smtpclient.apple (c-98-252-216-111.hsd1.ga.comcast.net. [98.252.216.111]) by smtp.gmail.com with ESMTPSA id 3f1490d57ef6-e0b29f7e037sm975985276.26.2024.07.26.18.18.14 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 26 Jul 2024 18:18:14 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Precedence: bulk list-help: list-post: List-Id: internals.lists.php.net x-ms-reactions: disallow Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.8\)) Subject: [PHP-DEV] =?utf-8?B?UmU6IFtQSFAtREVWXSBbUkZDXSBbVk9URV0gRGVwcmVjYXRpb25z?= =?utf-8?B?IGZvciBQSFAgOC40IOKAlMKgVXNlIGEgY2Fycm90LCBub3QgYSBzdGljay4=?= In-Reply-To: Date: Fri, 26 Jul 2024 21:18:14 -0400 Cc: =?utf-8?Q?Tim_D=C3=BCsterhus?= , PHP internals Content-Transfer-Encoding: quoted-printable Message-ID: <1DFBFF12-BBEB-44AF-A0B8-607CF8AC0344@newclarity.net> References: <1a88918e-e808-d778-45e1-53797660e093@php.net> <95147d9d-d6e8-4396-bf0b-409c33679f90@bastelstu.be> To: "Gina P. Banyard" X-Mailer: Apple Mail (2.3696.120.41.1.8) From: mike@newclarity.net (Mike Schinkel) > On Jul 26, 2024, at 9:11 PM, Mike Schinkel = wrote: >=20 > Kudos to Tim D=C3=BCsterhus for identifying = https://www.phptutorial.net/php-tutorial/php-csrf/ and = https://www.php-einfach.de/php-tutorial/die-wichtigsten-php-funktionen/ = but his takeaway for an action item was less inspiring. He argued those = articles support deprecations when it seems to me the more obvious = takeaway after finding those articles would be to reach out to those = websites =E2=80=94 as well as others publishing insecure information =E2=80= =94 and provide them with updated content to replace the content they = are currently publishing with content that is promotes secure practices. = Getting those websites updated is likely to have far more positive = impact for new PHP developers learning to do things "the right way" then = forcing them to update their code where they'll likely just use = hash("md5"). As a quick follow up: https://www.phptutorial.net/contact/ And: https://www.php-einfach.de/author/nils/=20 https://www.nils-reimers.de/contact/=20 -Mike=