added security page

2026-01-02 17:59:36 +07:00 · 2012-10-29 13:02:58 +01:00
parent cd5fba06a8
commit c3f9fa711a
2 changed files with 18 additions and 0 deletions
--- a/developer_manual/index.rst
+++ b/developer_manual/index.rst
@@ -14,6 +14,7 @@ Contents
   configfile
   templates
   unittests
+   security



--- a/developer_manual/security.rst
+++ b/developer_manual/security.rst
@@ -0,0 +1,17 @@
+Security
+========
+
+Blacklisted PHP functionality
+-----------------------------
+**echo, print(), <?=**
+ Use $this->p in templates instead
+**error_log** 
+ Use throw new Exception("Description") instead
+**==** 
+ Use === instead
+**!=** 
+ Use !== instead
+**rand(), srand(), mt_rand()**
+ Use openssl_random_pseudo_bytes() instead
+
+TBD