[OWASP_PHPSEC] Daily Report - 18 July, 2013

rahul chaudhary rahul300chaudhary400 at gmail.com
Thu Jul 18 10:59:31 UTC 2013

Hello All,

Today there was several things that I did:

1) First I addressed the many issues that were discovered in my previous
code and library. Some of those issues were related to coding practices,
others were minor concerns from the mentors. Each of those concerns needed
some change in the code. I have addressed those issues and am waiting for
their reply to move forward with those issues. Two of the biggest concerns
were regarding two functions - "remember me" and "reset Password". In the
former case, the point was made that not all test cases were covered up. I
looked to those issues, cross-referenced my code and made sure that those
concerns were addressed. In the former case, it was pointed that the
function contains potential for a DOS attack. I did some research on my own
and checked my code multiple times to ensure that it was not the case. This
issue is still not resolved and the discussion is still on.

2) I update the documentation in OWASP's WIKI page for 3 of the libraries -
session management, use library, and user management library....links to
those pages can be accessed from here:
There were many things to do here. I wrote the documents and then cross
checked if the data I provided was 100% correct or not. That was
time-consuming.   (hmmm ... tired ^_^)

3) I made some changes to the presentation slides in "session management"
and in "user management". Since not much work has been done in "user
management", I have not pushed those slides yet. Boy!! documentation is a
tough thing. :(

4) In my own time, I thought more on the implementation of "Logging
library". Since this is a big library and will contains lots of php files
of its own..this library needs time and proper planning. I am still waiting
on response from mentors on my previous email that discussed this issue.

Rahul Chaudhary
Ph - 412-519-9634
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_php_security_project/attachments/20130718/5e64357e/attachment-0001.html>

More information about the OWASP_PHP_Security_Project mailing list