how to run PHP files.


Last Updated: 2010-07-22 00:18:01
  1. musicworld1

    musicworld1 Member

    hi

    i have some php files. but how to run them, which plugin i will have to install?

    Advertisement
  2. Pryomancer

    Pryomancer Well-Known Member

    PHP is a server script language, the files are executed from a web server on which they have been uploaded.
  3. UrbanMuppet

    UrbanMuppet Guest

    No longer a contributing member. Account pending for deletion.
  4. Intruder

    Intruder Well-Known Member

    What a silly question.. sorry.. What exactly are you trying to do?
  5. musicworld1

    musicworld1 Member

    thanks much, i am downloading WampServer.
  6. Hangdog42

    Hangdog42 Well-Known Member

    Unless you know what you're doing, your are REALLY not going to want to expose this machine to the internet. Unless you configure your server properly, PHP can introduce horrible security holes into your machine.
  7. hitmark

    hitmark Member

    horrible security holes?????????

    first time hear about it. what are they?
  8. Hangdog42

    Hangdog42 Well-Known Member

    Well, in 2006 PHP accounted for 43% of identified security issues on websites. It certainly has gotten better since then, but the potential for misuse is still there. This article also gives a nice overview of the problems.

    Some of them aren't specific to PHP (validating user input for example) but hit PHP hard because of it doesn't enforce standards. There are also PHP server settings like global variables that can be mis-set if you don't pay attention.

    Here is a list of PHP related security articles that are worth a read. And this thread has an interesting discussion on PHP security. Yes, I hang out at LQ a lot.

    Basically, PHP is pretty easy to learn, and a decent web stack isn't hard at all to set up (heck, there are a bunch of pre-packed ones like WampServer out there) so a lot of newbies can start tackling making their own web sites. But what is missing from almost all these discussions is the issue of security. If you're putting something on the web, it is going to be attacked, period. And unless you've taken steps to control access, monitor the state of the server, and have the ability to detect and recover from a breach, you have no business operating a web server. If you just slap something out there, sooner or later it will become a spam-spewing zombie and poorly coded PHP apps are one of the major vectors for turning those shiny servers into zombies.
  9. DreamBen

    DreamBen New Member

    Great post. I agree with most of what you said. The potential for security issues because of abuse or misuse is prominent with every technology out there though. From my educational and professional understandings PHP is the most stable server-side scripting language available. ASP is ran from windows os (enough said about this one), JSP is dependent on Java, etc...php is nearly standalone and can be ran from nearly any PC (and even mac now). One does need to be security minded though while programming with any technology as the potential for opening up an accidental security hole is by far controlled by the intelligence of the coder/operator. The main reason why there's so many issues which people have/make with PHP is because it is easy to learn and make simple things quickly...and it's free of course making it more widely used.

Share This Page