From owner-freebsd-questions@FreeBSD.ORG Wed Dec 8 04:52:06 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4DB9C1065672 for ; Wed, 8 Dec 2010 04:52:06 +0000 (UTC) (envelope-from dalescott@shaw.ca) Received: from idcmail-mo1so.shaw.ca (idcmail-mo1so.shaw.ca [24.71.223.10]) by mx1.freebsd.org (Postfix) with ESMTP id 19CEF8FC12 for ; Wed, 8 Dec 2010 04:52:05 +0000 (UTC) Received: from pd2ml1so-ssvc.prod.shaw.ca ([10.0.141.139]) by pd3mo1so-svcs.prod.shaw.ca with ESMTP; 07 Dec 2010 21:23:09 -0700 X-Cloudmark-SP-Filtered: true X-Cloudmark-SP-Result: v=1.1 cv=6EkEX6JM2LCztCEhkE317K9SpBSN4cB8nbuuHVfFIzI= c=1 sm=1 a=kh-3Y9aju0EA:10 a=BLceEmwcHowA:10 a=kj9zAlcOel0A:10 a=gP64OGu1Wg00f0IYR0/kpw==:17 a=6_Hfo6qZisi4-CWD4ZkA:9 a=TLWoj7BcVIMedPvif1kA:7 a=EMXhBEJ9InZe8BTK4fAb4Dtq1asA:4 a=CjuIK1q_8ugA:10 a=HpAAvcLHHh0Zw7uRqdWCyQ==:117 Received: from unknown (HELO DaleHPLaptop) ([68.144.165.249]) by pd2ml1so-dmz.prod.shaw.ca with ESMTP; 07 Dec 2010 21:23:09 -0700 From: "Dale Scott" To: "'Chuck Swiger'" , "'Da Rock'" References: <3374599093-437630056@intranet.com.mx> <4CFED0D4.3090108@herveybayaustralia.com.au> In-Reply-To: Date: Tue, 7 Dec 2010 21:23:04 -0700 Message-ID: <001901cb968f$9bef44b0$d3cdce10$@shaw.ca> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook 14.0 Content-language: en-ca Thread-index: AQH0O4d9zwLcEwxSFOy3nQWcYQFHdAJxrWprAqNBjh0DME+B3ZMCfUzg Cc: freebsd-questions@freebsd.org Subject: RE: Shopping cart other than OSCommerce? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Dec 2010 04:52:06 -0000 > As for PHP and security, well, when someone ends up getting married to > three abusive drunks in a row, there is more going on with that then random > chance or even bad luck. I'll interpret that as saying a large percentage of the PHP apps vying for your attention are crap, but buyer beware. Just be careful, have a healthy level of scepticism, and keep your eyes open. I'm amazed at the ease with which a good looking web app can be created, and with complete and total disregard for the most basic software development best practices. However, that doesn't mean all apps are crap, just like there are still guys & gals out there worth tying your life to. In my experience (which is probably more than some, but certainly not much compared to some others), MediaWiki, MantisBT, Moodle, and Drupal are mature, reliable and generally secure PHP-based applications. They have good documentation, active communities, and are honest and prompt with security advisories (and also pretty prompt with security updates). I'm sure there must be others (e.g., I don't know anything about Facebook other than it's PHP-based, but I'm sure we'd hear about it being hacked on a regular basis if it was). Dale