VX Heaven

Library Collection Sources Engines Constructors Simulators Utilities Links Forum

Server -> Client Communtication for Preprocessor languages (PHP)

November 2004

[Back to index] [Comments]


A 'Preprocessor language' is a web-based language, which has been done to run on a server, and only on the server. The results by the executed web-based preprocessor script (like PHP) file will be transfered to the Webpage, which can be seen by the user. That means, the user will never see the code of that script. As a result, the script can not harm the user in any way, because it is executed on the server, (and only there) and just the results are send to the user. This has been also written in VirusBulletin March/2001 in an article by Denis Zenlin & Mike Pavlushchik called 'PHP go the Script Viruses'. The article deals with the PHP.Pirus (29a#5) and PHP.NewWorld and the common PHP problem. A very important statement of the article: '... and it does not have the ability to spread to other Web sites or PCs of the visitors who view an HTML page containing a malicious PHP script. This last case is not possible simply because a user receives a pure HTML page with absolutely no script inside from the PHP processor...' Well, that's not true at all, which I will prove in this article. :)

[Read the article]

By accessing, viewing, downloading or otherwise using this content you agree to be bound by the Terms of Use! aka