{"id":1690,"date":"2005-10-11T09:36:40","date_gmt":"2005-10-11T07:36:40","guid":{"rendered":"https:\/\/www.fullo.net\/blog\/archives\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/"},"modified":"2005-10-11T09:36:40","modified_gmt":"2005-10-11T07:36:40","slug":"qualche-articolo-su-php-e-sicurezza","status":"publish","type":"post","link":"https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/","title":{"rendered":"a few articles on php and security"},"content":{"rendered":"<p>On his blog, Chris <a href=\"http:\/\/shiflett.org\/archive\/153\">is publishing a series of articles<\/a> on the most classic web attacks against your own applications and on how to defend against them.<\/p>\n<p>Very interesting, and above all worth remembering if I have to talk about the topic at the next <a href=\"http:\/\/sprite.csr.unibo.it\">linuxday<\/a> in Cesena ;)<\/p>\n<p>ciuaz<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On his blog, Chris is publishing a series of articles on the most classic web attacks against your own applications and on how to defend against them. 
Very interesting, and above all worth remembering if I have to talk about the topic at the next linuxday in Cesena ;) ciuaz<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[9],"tags":[410,2248,542,217],"class_list":["post-1690","post","type-post","status-publish","format-standard","hentry","category-php","tag-development","tag-php","tag-programming","tag-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>qualche articolo su php e sicurezza - Fullo<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"qualche articolo su php e sicurezza - Fullo\" \/>\n<meta property=\"og:description\" content=\"Chris sul suo blog pubblica una serie di articoli sugli attacchi via web alle proprie applicazioni pi\u00f9 classici e su come difendersi. 
Molto interessanti e soprattutto da ricordare se dovr\u00f2 parlare dell&#8217;argomento al prossimo linuxday a Cesena ;) ciuaz\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/\" \/>\n<meta property=\"og:site_name\" content=\"Fullo\" \/>\n<meta property=\"article:published_time\" content=\"2005-10-11T07:36:40+00:00\" \/>\n<meta name=\"author\" content=\"Francesco Fullone\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@fullo\" \/>\n<meta name=\"twitter:site\" content=\"@fullo\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Francesco Fullone\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2005\\\/10\\\/11\\\/qualche-articolo-su-php-e-sicurezza\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2005\\\/10\\\/11\\\/qualche-articolo-su-php-e-sicurezza\\\/\"},\"author\":{\"name\":\"Francesco Fullone\",\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/#\\\/schema\\\/person\\\/24e91bc6caea6c411a8668df5639428c\"},\"headline\":\"qualche articolo su php e 
sicurezza\",\"datePublished\":\"2005-10-11T07:36:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2005\\\/10\\\/11\\\/qualche-articolo-su-php-e-sicurezza\\\/\"},\"wordCount\":45,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/#\\\/schema\\\/person\\\/24e91bc6caea6c411a8668df5639428c\"},\"keywords\":[\"development\",\"php\",\"programming\",\"security\"],\"articleSection\":[\"php\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2005\\\/10\\\/11\\\/qualche-articolo-su-php-e-sicurezza\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2005\\\/10\\\/11\\\/qualche-articolo-su-php-e-sicurezza\\\/\",\"url\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2005\\\/10\\\/11\\\/qualche-articolo-su-php-e-sicurezza\\\/\",\"name\":\"qualche articolo su php e sicurezza - Fullo\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/#website\"},\"datePublished\":\"2005-10-11T07:36:40+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2005\\\/10\\\/11\\\/qualche-articolo-su-php-e-sicurezza\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2005\\\/10\\\/11\\\/qualche-articolo-su-php-e-sicurezza\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2005\\\/10\\\/11\\\/qualche-articolo-su-php-e-sicurezza\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"qualche articolo su php e sicurezza\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/\",\"name\":\"Fullo\",\"description\":\"nulla e&#039; 
impossibile per chi non lo deve fare!\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/#\\\/schema\\\/person\\\/24e91bc6caea6c411a8668df5639428c\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/#\\\/schema\\\/person\\\/24e91bc6caea6c411a8668df5639428c\",\"name\":\"Francesco Fullone\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/www.fullo.net\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/www.fullo.net\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/www.fullo.net\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1\",\"width\":622,\"height\":622,\"caption\":\"Francesco Fullone\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/www.fullo.net\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1\"},\"sameAs\":[\"http:\\\/\\\/www.fullo.net\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/fullo\",\"https:\\\/\\\/x.com\\\/fullo\"],\"url\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/author\\\/fullo\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"qualche articolo su php e sicurezza - Fullo","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/","og_locale":"en_US","og_type":"article","og_title":"qualche articolo su php e sicurezza - Fullo","og_description":"Chris sul suo blog pubblica una serie di articoli sugli attacchi via web alle proprie applicazioni pi\u00f9 classici e su come difendersi. Molto interessanti e soprattutto da ricordare se dovr\u00f2 parlare dell&#8217;argomento al prossimo linuxday a Cesena ;) ciuaz","og_url":"https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/","og_site_name":"Fullo","article_published_time":"2005-10-11T07:36:40+00:00","author":"Francesco Fullone","twitter_card":"summary_large_image","twitter_creator":"@fullo","twitter_site":"@fullo","twitter_misc":{"Written by":"Francesco Fullone"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/#article","isPartOf":{"@id":"https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/"},"author":{"name":"Francesco Fullone","@id":"https:\/\/www.fullo.net\/blog\/#\/schema\/person\/24e91bc6caea6c411a8668df5639428c"},"headline":"qualche articolo su php e 
sicurezza","datePublished":"2005-10-11T07:36:40+00:00","mainEntityOfPage":{"@id":"https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/"},"wordCount":45,"commentCount":0,"publisher":{"@id":"https:\/\/www.fullo.net\/blog\/#\/schema\/person\/24e91bc6caea6c411a8668df5639428c"},"keywords":["development","php","programming","security"],"articleSection":["php"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/","url":"https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/","name":"qualche articolo su php e sicurezza - Fullo","isPartOf":{"@id":"https:\/\/www.fullo.net\/blog\/#website"},"datePublished":"2005-10-11T07:36:40+00:00","breadcrumb":{"@id":"https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.fullo.net\/blog\/2005\/10\/11\/qualche-articolo-su-php-e-sicurezza\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.fullo.net\/blog\/"},{"@type":"ListItem","position":2,"name":"qualche articolo su php e sicurezza"}]},{"@type":"WebSite","@id":"https:\/\/www.fullo.net\/blog\/#website","url":"https:\/\/www.fullo.net\/blog\/","name":"Fullo","description":"nulla e&#039; impossibile per chi non lo deve 
fare!","publisher":{"@id":"https:\/\/www.fullo.net\/blog\/#\/schema\/person\/24e91bc6caea6c411a8668df5639428c"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.fullo.net\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/www.fullo.net\/blog\/#\/schema\/person\/24e91bc6caea6c411a8668df5639428c","name":"Francesco Fullone","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/www.fullo.net\/blog\/wp-content\/uploads\/2024\/10\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1","url":"https:\/\/i0.wp.com\/www.fullo.net\/blog\/wp-content\/uploads\/2024\/10\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.fullo.net\/blog\/wp-content\/uploads\/2024\/10\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1","width":622,"height":622,"caption":"Francesco Fullone"},"logo":{"@id":"https:\/\/i0.wp.com\/www.fullo.net\/blog\/wp-content\/uploads\/2024\/10\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1"},"sameAs":["http:\/\/www.fullo.net","https:\/\/www.linkedin.com\/in\/fullo","https:\/\/x.com\/fullo"],"url":"https:\/\/www.fullo.net\/blog\/author\/fullo\/"}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p3OSc1-rg","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":1587,"url":"https:\/\/www.fullo.net\/blog\/2005\/08\/13\/php-6\/","url_meta":{"origin":1690,"position":0},"title":"php 6","author":"Francesco Fullone","date":"13\/08\/2005","format":false,"excerpt":"Sulla ML di sviluppo di php c'\u00e8 un lunghissimo thread (potete leggerlo anche come RSS) sulle novit\u00e0 che verranno apportate su php 6, una tra tutte l'eliminazione di register_global... Se ne parla anche su planet-php. 
ciauz","rel":"","context":"In &quot;php&quot;","block_context":{"text":"php","link":"https:\/\/www.fullo.net\/blog\/category\/tecnologia\/php\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1781,"url":"https:\/\/www.fullo.net\/blog\/2005\/11\/24\/php-6-meeting-docs\/","url_meta":{"origin":1690,"position":1},"title":"php 6 meeting docs","author":"Francesco Fullone","date":"24\/11\/2005","format":false,"excerpt":"scovo tra le varie discussioni su planet-php questo interessante documento su php 6, frutto di un meeting fatto a parigi l'11 e 12 novembre. Tra le cose che ho notato subito: l'implementazione di una simil funzione goto (ma non \u00e8 il male?) la funzione ifsetor() per fare un merge di\u2026","rel":"","context":"In &quot;php&quot;","block_context":{"text":"php","link":"https:\/\/www.fullo.net\/blog\/category\/tecnologia\/php\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":974,"url":"https:\/\/www.fullo.net\/blog\/2004\/08\/24\/phplinks-articoli-vari\/","url_meta":{"origin":1690,"position":2},"title":"php::Links(&#8216; articoli vari &#8216;);","author":"Francesco Fullone","date":"24\/08\/2004","format":false,"excerpt":"su codewalkers due articoletti, uno su come funzionano i loop e l'altro su come utilizzare le socket in php. 
john lim sul suo blog ha pubblicato un tutorial avanzato su come sfruttare al meglio l'accoppiata adoDB ed oracle su phpbuilder c'\u00e8 un complesso articolo sull'uso di php, xml, xsl e\u2026","rel":"","context":"In &quot;php&quot;","block_context":{"text":"php","link":"https:\/\/www.fullo.net\/blog\/category\/tecnologia\/php\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1687,"url":"https:\/\/www.fullo.net\/blog\/2005\/10\/10\/php-441-rc1\/","url_meta":{"origin":1690,"position":3},"title":"php 4.4.1 rc1","author":"Francesco Fullone","date":"10\/10\/2005","format":false,"excerpt":"Su PHP-Quality Assurance \u00e8 disponibile la nuova release candidate 1 di php 4.4.1. Dal ChangeLog si notano solo molti bugfix e nessuna aggiunta di rilievo. ciuaz","rel":"","context":"In &quot;php&quot;","block_context":{"text":"php","link":"https:\/\/www.fullo.net\/blog\/category\/tecnologia\/php\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2108,"url":"https:\/\/www.fullo.net\/blog\/2006\/11\/04\/aggiornate-php-e-fatelo-in-fretta\/","url_meta":{"origin":1690,"position":4},"title":"Aggiornate PHP, e fatelo in fretta&#8230;","author":"Francesco Fullone","date":"04\/11\/2006","format":false,"excerpt":"E' stata rilevato un bug abbastanza grave che permette di usare htmlentities() e htmlspecialchars() per eseguire codice remoto su un server (maggiori info su hardened-php). Siccome quelle due funzioni sono alla base di tutti i metodi di parsing e protezione contro XSS sono normalmente usate ovunque. 
Su PHP.net trovate le\u2026","rel":"","context":"In &quot;php&quot;","block_context":{"text":"php","link":"https:\/\/www.fullo.net\/blog\/category\/tecnologia\/php\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2194,"url":"https:\/\/www.fullo.net\/blog\/2007\/01\/17\/php-italian-aggregator-e-php-6\/","url_meta":{"origin":1690,"position":5},"title":"PHP Italian aggregator e PHP 6","author":"Francesco Fullone","date":"17\/01\/2007","format":false,"excerpt":"Aggregatori ed aggregati Siccome il plugin per la creazione degli aggregatori con wordpress non funziona pi\u00f9 un granch\u00e8 bene con la versione 2.x ho pensato di provare due possibili alternative per il planet-php italiano. La prima consiste nell'utilizzo del nuovo fiammante account da network mananger, che mi \u00e8 stato offerto\u2026","rel":"","context":"In &quot;eventi&quot;","block_context":{"text":"eventi","link":"https:\/\/www.fullo.net\/blog\/category\/eventi\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/posts\/1690","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/comments?post=1690"}],"version-history":[{"count":0,"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/posts\/1690\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/media?parent=1690"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/categories?post=1690"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/tags?post=1690"}],"curies":[{"name":"w
p","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}