Jump to content


Photo

Which AMP Installation for Windows XP Pro environment?


  • Please log in to reply
1 reply to this topic

#1 PHPF60818

PHPF60818
  • New Members
  • Pip
  • Newbie
  • 2 posts

Posted 18 August 2006 - 10:47 AM

Glad to know there are several choices like XAMPP, WAMP, EasyPHP, Reactor, etc.

Questions:
(1) If one wishes to avoid the need to "upgrade" to a more powerful installation later, which one(s) should one install under WinXP Pro?

(2) How secure are each of the installations? What's the chance of hackers hacking into the computer via the installation? In terms of being hacker-proof, which of the installations is the most secure, and which is the least secure? Which one has the best default security?

(3) What are the key caveats to follow to prevent hacking as a result of installing such a PHP programming environment?

Thanks to all for any input. I am sure many beginners will appreciate knowing the answers to all the above questions.



#2 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 18 August 2006 - 01:45 PM

If you install a server on to your PC, your PC has a slim chance of getting hacked. As the real vunerability you'll have is the security of your PHP scripts this is how sites get hacked due to exploits in thier code.

To stop people from hacking your scripts you should make sure any variables comming the client such as POST'd data, URL parameters and cookies should all be validated properly. For example say you have an id url parameter which holds an integer. You should check that the id variable is a number using this:
if(isset($_GET['id']) && is_numeric($GET['id']))
{
    // id variable has been validated and passed. We can now use $_GET['id'] variable
}
else
{
    // we kill the script as id variable is either not present or is not a number
    die('invalid identifier');
}


Also I dont like any of those packages you have listed above. It is much better to setup Apache, PHP and MySQL manaully That way if you want to upgrade PHP you can do without having to wait until your AMP package has been updated.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users