[Esapi-php] Please do check in, tell us about your good works this past week!
Martin Reiche
dev.bberry at googlemail.com
Fri Feb 5 18:33:16 EST 2010
I will implement them es private functions directly in the Test
class. I do not know if anyone else could make use of it. If that's
the point, we can still refactor them into a seperate class file.
Martin
Am 06.02.2010 um 00:08 schrieb Mike Boberski:
> Martin, your call, whatever you'd prefer.
>
> Mike B.
>
> email mike.boberski at gmail.com
> blog mikeboberski.blogspot.com
> book www.owasp.org/index.php/ASVS
> tools www.owasp.org/index.php/ESAPI
>
>
> On Fri, Feb 5, 2010 at 6:04 PM, Martin Reiche
> <dev.bberry at googlemail.com> wrote:
> Hi MIke,
>
> just browsing the SafeFileTest.java... There they have
> org.owasp.esapi.util.FileTestUtils and .CollectionsUtil. They
> provide functionality to deal with the creation of files (we need
> to create files to construct SplFileObjects and so to test
> SafeFile).. We do not have them in the PHP variant. Shall I write
> them as classes or is it enough to just implement their
> functionality directly int he SafeFileTest.php?
>
> Comments?
>
> Martin
> Am 05.02.2010 um 16:40 schrieb Boberski, Michael [USA]:
>
>> Thanks! There are a whole bunch in the Java, we'd want to rename
>> them to use PHP, e.g. testPHPFileInjection.
>>
>> Best,
>>
>> Mike B.
>>
>>
>> From: esapi-php-bounces at lists.owasp.org [mailto:esapi-php-
>> bounces at lists.owasp.org] On Behalf Of Martin Reiche
>> Sent: Friday, February 05, 2010 10:37 AM
>> To: ESAPI for PHP development list
>> Subject: Re: [Esapi-php] Please do check in, tell us about your
>> good works this past week!
>>
>> Alright, I will write a few tests for SafeFile.
>>
>> Martin
>>
>> Am 05.02.2010 um 16:06 schrieb Boberski, Michael [USA]:
>>
>>> Whoops, Martin hold off on Logger, we need tests for SafeFile!
>>>
>>> Mike B.
>>>
>>>
>>> From: Boberski, Michael [USA]
>>> Sent: Friday, February 05, 2010 10:02 AM
>>> To: 'ESAPI for PHP development list'
>>> Subject: RE: [Esapi-php] Please do check in, tell us about your
>>> good works this past week!
>>>
>>> Hi Martin. Thank you! I will check it out and research along
>>> those lines, to figure out if further action is needed.
>>>
>>> Are you interested in working on Logger? Jah is focused on
>>> Encoder, it would be great if you could go the last mile with
>>> Logger, to get it done.
>>>
>>> Best,
>>>
>>> Mike B.
>>>
>>>
>>> From: esapi-php-bounces at lists.owasp.org [mailto:esapi-php-
>>> bounces at lists.owasp.org] On Behalf Of Martin Reiche
>>> Sent: Friday, February 05, 2010 9:48 AM
>>> To: ESAPI for PHP development list
>>> Subject: Re: [Esapi-php] Please do check in, tell us about your
>>> good works this past week!
>>>
>>> Hi Mike,
>>>
>>> I just commited the SafeFile implementation. As you might see in
>>> the commit message, I extended the SplFileObject class.
>>> We might think of a solution for the file handle based functions
>>> like fopen(), fread() etc. as they can not be secured easily with
>>> this solution.
>>>
>>> Best,
>>> Martin
>>>
>>> Am 04.02.2010 um 19:58 schrieb Boberski, Michael [USA]:
>>>
>>>> Hi Team. Please do check in, tell us about your good works this
>>>> past week! Yes, I (and many others) do read your emails!! Stuck?
>>>> Looking for a new or additional assignment? Questions? Email the
>>>> list!
>>>>
>>>> Best,
>>>>
>>>> Mike B.
>>>>
>>>> company www.boozallen.com
>>>> blog mikeboberski.blogspot.com
>>>> book www.owasp.org/index.php/ASVS
>>>> tools www.owasp.org/index.php/ESAPI
>>>>
>>>>
>>>> _______________________________________________
>>>> Esapi-php mailing list
>>>> Esapi-php at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/esapi-php
>>>
>>> _______________________________________________
>>> Esapi-php mailing list
>>> Esapi-php at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/esapi-php
>>
>> _______________________________________________
>> Esapi-php mailing list
>> Esapi-php at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/esapi-php
>
>
> _______________________________________________
> Esapi-php mailing list
> Esapi-php at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/esapi-php
>
>
> _______________________________________________
> Esapi-php mailing list
> Esapi-php at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/esapi-php
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-php/attachments/20100206/c14b12b2/attachment.html
More information about the Esapi-php
mailing list