Quote:
Originally Posted by mainstreammix
I've read nothing, it's too easy as it is. Until you go play with it it's really hard to envision how wild this stuff is.
It's easy, yes, but not always secure, especially when publishing code in the 'real world' and not locally.
Lately I've found myself having to direct it more and more to add CSRF on forms as well as making sure when it hashes passwords it does it properly instead of just using a basic salt.
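Added example, not part of the original post: a sketch of the two checks mentioned above, showing a single fast salted hash beside a scrypt-based password hash, and a session-bound CSRF token for forms. All function names, the stored-hash format and the cost parameters are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

# Weak pattern: one fast hash over salt + password, cheap to brute-force offline.
def weak_hash(password: str, salt: bytes) -> str:
    return hashlib.sha256(salt + password.encode()).hexdigest()

# Assumed scrypt cost parameters (about 16 MiB of memory per hash).
N, R, P = 2**14, 8, 1

def hash_password(password: str) -> str:
    """Hash with a memory-hard KDF and a fresh random salt per password."""
    salt = secrets.token_bytes(16)
    dk = hashlib.scrypt(password.encode(), salt=salt, n=N, r=R, p=P, dklen=32)
    # Store parameters with the hash so they can be raised later.
    return f"scrypt${N}${R}${P}${salt.hex()}${dk.hex()}"

def verify_password(password: str, stored: str) -> bool:
    try:
        scheme, n, r, p, salt_hex, dk_hex = stored.split("$")
        if scheme != "scrypt":
            return False
        expected = bytes.fromhex(dk_hex)
        dk = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex),
                            n=int(n), r=int(r), p=int(p), dklen=len(expected))
    except ValueError:  # malformed record or invalid parameters
        return False
    return hmac.compare_digest(dk, expected)  # constant-time comparison

def _csrf_mac(session_id: str, nonce: str, key: bytes) -> bytes:
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest().encode()

def issue_csrf_token(session_id: str, key: bytes) -> str:
    """Token for a hidden form field, bound to the user's session by an HMAC."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_csrf_mac(session_id, nonce, key).decode()}"

def check_csrf_token(token: str, session_id: str, key: bytes) -> bool:
    nonce, sep, mac = token.partition(".")
    if not sep:
        return False
    return hmac.compare_digest(mac.encode(), _csrf_mac(session_id, nonce, key))
```

The server-side key passed to the CSRF functions is assumed to be a random secret kept out of the client's reach; the state-changing request is rejected whenever `check_csrf_token` returns False.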