13
aziflaj
9y

This is a true story. We had this subject, called “Web Design” (really, “design”), where we studied HTML, CSS, JavaScript, PHP and MySQL (confusing, right?). And when we get the PHP (e-)book, it was this old PDF (probably downloaded illegally) teaching the legacy 4.0 version of PHP. Anyway, when we had to develop the final project, the sane professor allowed us to use a newer version of PHP — 5.2, released on 2008. I had to follow the rules, so I developed probably the less secure web application I will ever develop. That means no protection from SQL injection, XSS vulnerable and a bunch of other security holes… And that’s how they liked it developed!

Comments
  • 2
    Hopefully they are now stressing security aspects.
  • 2
    @Jumpshot44 using md5 for passwords? No I don't think so...
  • 2
    You should let people have access to these websites and let them break out toake a point about how bad these vulnerabilities are
Add Comment