template engine? |
(05-27-2016, 03:31 AM)InsiteFX Wrote:(05-26-2016, 02:58 PM)winers1290 Wrote:(05-25-2016, 06:54 PM)skunkbad Wrote: No and no, but there's no problem with that. Also, if you're working with a "designer" that isn't comfortable around php, a funky template language isn't going to help. You just need to work with more experienced people. I wasn't meaning the risk is that someone could see your PHP code, that's obviously protected server side. More that if an attacker managed to get write access to the view file, it's an easy way to execute some code or make use of $_SERVER outputs (if used), for example. But as already mentioned by caralot, as long as everything is properly sanitised, it looks like the risk is minimal. |
Messages In This Thread |
template engine? - by winers1290 - 05-25-2016, 06:33 PM
RE: template engine? - by skunkbad - 05-25-2016, 06:54 PM
RE: template engine? - by winers1290 - 05-26-2016, 02:58 PM
RE: template engine? - by InsiteFX - 05-27-2016, 03:31 AM
RE: template engine? - by winers1290 - 05-28-2016, 03:07 AM
RE: template engine? - by cartalot - 05-27-2016, 12:55 PM
RE: template engine? - by Paradinight - 05-28-2016, 08:22 AM
RE: template engine? - by cartalot - 05-28-2016, 12:21 PM
RE: template engine? - by marksman - 06-14-2016, 08:06 AM
RE: template engine? - by ivantcholakov - 06-14-2016, 10:37 AM
RE: template engine? - by PaulD - 06-14-2016, 12:37 PM
RE: template engine? - by ivantcholakov - 06-15-2016, 04:17 AM
RE: template engine? - by spjonez - 06-15-2016, 05:31 AM
RE: template engine? - by prezire - 06-15-2016, 05:43 AM
|