PHP Security Consortium!

         

dreamcatcher

12:43 pm on Feb 2, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



http://phpsec.org/ [phpsec.org]

Could make for very interesting reading!

coopster

1:07 pm on Feb 2, 2005 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



Chris Shiflett, Founder and Spokesman

dmmh

3:20 pm on Feb 2, 2005 (gmt 0)

10+ Year Member



Chris Shiflett, Founder and Spokesman

erm yes....?
what's your point? :)
that he forms a consortium on his own?

coopster

4:13 pm on Feb 2, 2005 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



No, sorry, his name pops up quite often during PHP security discussions, seminars, etc. I (obviously) made an incorrect assumption that folks knew who he was. My mistake.

I guess my point is that the consortium seems to at least be founded by a respected PHP peer.

dreamcatcher

5:59 pm on Feb 2, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Thanks Coop, I had never heard of him either.

Should be an interesting site. Think I'll wait for the PDF version, then give my printer a workout. It's been pretty bored lately.

dmmh

8:18 pm on Feb 2, 2005 (gmt 0)

10+ Year Member



No, sorry, his name pops up quite often during PHP security discussions, seminars, etc. I (obviously) made an incorrect assumption that folks knew who he was. My mistake.

I guess my point is that the consortium seems to at least be founded by a respected PHP peer.

ah ok, thanks :)
trustworthy then it seems :)

jatar_k

8:22 pm on Feb 2, 2005 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



>> Chris Shiflett

knows his stuff and his name comes up quite often.

thanks dreamcatcher

mincklerstraat

5:36 pm on Feb 3, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



His name has come up here too re. security.

One of the security aspects that he consistently covers is cross-site request forgeries, which are often missed in PHP security discussions. I've come across a number of people who thought they knew the ins and outs of PHP security and had no idea about XSRF. I don't think cross-site request forgeries are so common these days, but it's good for more sensitive areas of your scripts to be ready for them if they ever do become more common. They're not usually so easy as cross-site scripting, but pretty nasty in potential consequences. At phpsec.org there's a bit on this issue at [phpsec.org...], and about how you can protect more sensitive parts of your scripts with tokens.
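
The token protection mentioned in the last post, as an added example (not code from the thread or from phpsec.org): a per-session token is embedded in the sensitive form and checked when the form is posted. The function names, the `csrf_token` field and the form action are hypothetical, and plain arrays stand in for `$_SESSION` and `$_POST` so the script runs from the command line.

```php
<?php
declare(strict_types=1);

// Issue one unpredictable token per session and keep it server-side.
function csrf_issue_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Accept a request only if it carries the token stored in the session.
function csrf_check_token(array $session, array $post): bool
{
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    // Reject missing or non-string values (e.g. csrf_token[]=x) before comparing.
    if (!is_string($expected) || !is_string($supplied) || $expected === '') {
        return false;
    }
    return hash_equals($expected, $supplied); // constant-time comparison
}

// The sensitive form carries the token in a hidden field.
function render_form(string $token): string
{
    $t = htmlspecialchars($token, ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="/account/email">'
         . '<input type="hidden" name="csrf_token" value="' . $t . '">'
         . '<input type="email" name="new_email">'
         . '<button type="submit">Change</button></form>';
}

// Constructed demo data: $session and the $post arrays are sample inputs.
$session = [];
$token = csrf_issue_token($session);
echo render_form($token), PHP_EOL;

$cases = [
    'form post with token'  => ['csrf_token' => $token, 'new_email' => 'a@example.test'],
    'request without token' => ['new_email' => 'x@example.test'],
    'request, wrong token'  => ['csrf_token' => str_repeat('0', 64)],
    'array-typed token'     => ['csrf_token' => ['x']],
];
foreach ($cases as $label => $post) {
    $ok = csrf_check_token($session, $post);
    printf("%-24s %s\n", $label, $ok ? 'accepted' : 'rejected');
}
```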