Some requirements that good code should always fulfil include:
- Tidy programming style and well-documented code (comments) – this reduces the chance of errors and makes testing easier;
- Security – for example, the code must not make it possible to write to arbitrary locations on disk;
- Stability – the code must not contain loops that can easily become infinite, make incorrect memory allocations or otherwise contain components that can jeopardize stability;
- Portability – the code must not be so strongly dependent on a specific version of Windows, IIS, .NET or another technology that the website no longer functions on another (newer) server or after the application of Service Packs.
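
For the security requirement above, one way to keep file writes confined to a single directory is sketched below in PHP. This is an added example, not code from this page or from any package it mentions; the function names `resolveInsideBase` and `writeUpload`, the allow-list pattern and the demo directory are assumptions made for the illustration.

```php
<?php
declare(strict_types=1);

// Map a user-supplied file name to a path directly inside $baseDir, or throw.
function resolveInsideBase(string $baseDir, string $name): string
{
    $base = realpath($baseDir);
    if ($base === false || !is_dir($base)) {
        throw new RuntimeException('base directory does not exist');
    }
    // Allow-list a single path component: no separators, no ':' (drive letters,
    // NTFS alternate data streams), no leading or trailing dot.
    if (preg_match('/\A[A-Za-z0-9](?:[A-Za-z0-9._-]{0,98}[A-Za-z0-9])?\z/', $name) !== 1) {
        throw new InvalidArgumentException('file name not allowed');
    }
    // Windows treats these as device names, historically even with an extension.
    if (preg_match('/\A(?:CON|PRN|AUX|NUL|COM[1-9]|LPT[1-9])(?:\.|\z)/i', $name) === 1) {
        throw new InvalidArgumentException('reserved device name');
    }
    $target = $base . DIRECTORY_SEPARATOR . $name;
    // An existing symlink or directory at the target could redirect the write.
    if (is_link($target) || is_dir($target)) {
        throw new InvalidArgumentException('target is not a regular file');
    }
    return $target;
}

function writeUpload(string $baseDir, string $name, string $data): string
{
    $path = resolveInsideBase($baseDir, $name);
    if (file_put_contents($path, $data, LOCK_EX) === false) {
        throw new RuntimeException('write failed');
    }
    return $path;
}

// Constructed demo input: a throwaway directory and a mix of file names.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'uploads_' . bin2hex(random_bytes(4));
mkdir($base, 0700);
$names = ['report.txt', '../outside.txt', '..\\outside.txt', 'C:\\Windows\\x.txt',
          'notes.txt:stream', 'NUL.txt', '.htaccess'];
foreach ($names as $name) {
    try {
        echo str_pad($name, 20), ' written to ', writeUpload($base, $name, "demo\n"), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo str_pad($name, 20), ' rejected: ', $e->getMessage(), PHP_EOL;
    }
}
```

Validating the name against an allow-list before building the path means traversal sequences, drive letters and stream suffixes never reach the filesystem call.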
Here are some sources of information about programming in PHP:
In principle, the guidelines above are also applicable to other scripting languages such as CGI/Perl and ASP.NET.
It is very important to keep up to date to maintain the security of systems and websites. It is recommended to make regular visits to (often technical) websites with security news, as well as to visit the websites for the web application packages being used. New vulnerabilities are regularly discovered in such packages. In addition to the information on our Service Pages regarding security issues and “attack vectors”, you can also go to:
- Perl: http://www.cgisecurity.com/lib/taintmode.html
- CGI/Perl Taint Mode FAQ: http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci892449,00.html
- Improving Web Application Security: Threats and Countermeasures: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/ThreatCounter.asp
- SQL Injection Attacks by Example: http://www.unixwiz.net/techtips/sql-injection.html
Various script languages / XSS / SQL Injection:
- CGISecurity.com: http://www.cgisecurity.com
- Web Application Security Consortium: http://www.webappsec.org
- Open Web Application Security Project: http://www.owasp.org
- World Wide Web Consortium: http://www.w3.org