tailieunhanh - PHP and MySQL Web Development - P70

PHP and MySQL Web Development - P70: PHP and MySQL Web Development teaches the reader to develop dynamic, secure, commercial Web sites. Using the same accessible, popular teaching style of the first edition, this best-selling book has been updated to reflect the rapidly changing landscape of MySQL and PHP. | Providing Secure Transactions 317 You should note that some people will disable features that they consider a security or privacy risk such as Java cookies or JavaScript. If you use these features you should either test that your application degrades gracefully for people without these features or consider providing a less feature rich interface that allows these people to use your site. Users outside the United States and Canada might have Web browsers that only support 40-bit encryption. Although the . Government changed the law in January 2000 to allow export of strong encryption to non-embargoed countries and 128-bit versions are now available to most users some of them will not have upgraded. Unless you are making guarantees of security to users in the text of your site this need not concern you overly as a Web developer. SSL will automatically negotiate for you to enable your server and the user s browser to communicate at the most secure level that they both understand. We cannot be sure that we are dealing with a Web browser connecting to our site through our intended interface. Requests to our site might be coming from another site stealing images or content or from a person using software such as cURL to bypass safety measures. We will look at the cURL library which can be used to simulate connections from a browser in Chapter 17 Using Network and Protocol Functions. This is useful to us as developers but can also be used maliciously. Although we cannot change or control the way that our users machines are set up we do need to bear it in mind. The variability of user machines might be a factor in how much functionality we provide via server-side scripting such as PHP and how much we provide via client-side scripting such as JavaScript . Functionality provided by PHP can be compatible with every user s browser as the end result is merely an HTML page. Using anything but very basic JavaScript will involve taking into account the different capabilities of