If I use PHP, how solid is PHP and what Web Server is best to use for my site?

I am thinking of  developing a website using PHP.

It involves users,  accounts and video uploads - but low traffic
For storing of these uploaded videos, would a standard DELL desktop be adequate for it all?
Before this, I have been advised to program a server in Java on a Linux OS machine with a Tomcat container to deploy servlets to manage the interaction and uploads. I'd prefer not to do this, as I am unfamiliar with them.

I want to program the site itself in PHP. Does PHP have any current hacking issues or considerable weaknesses, for me to abandon it? My esteemed friend says he thinks it's pretty solid.


xannusAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

nplibCommented:
it's not the programming language that has security wholes, it's the programmer. that determines the security wholes. Also how secure your server is, also determines the security.

There's no such thing as a standard Dell workstation.

they change almost every month. Actual tech specs would make the decision easier to establish.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Beverley PortlockCommented:
PHP is like any other technology. Implement it badly and you'll live to regret it. Implement it properly and it will function well.

The biggest security holes in PHP are:

a) Register Globals - turn it OFF, keep it OFF
b) SQL injection attacks - avoidable if you follow the tips at http://www.php.net/mysql_real_escape_string
c) Recently discovered injection attack against $_SERVER['PHP_SELF'] which can be defeated by using

function phpSelf() {
    return htmlspecialchars( strip_tags( $_SERVER['PHP_SELF'] ),ENT_QUOTES);
}

d) Make sure that the MySQL user PHP uses has limited privileges - SELECT, UPDATE, INSERT, DELETE, CREATE TABLE, LOCK TABLES should be enough.


I prefer to use Linux for my OS and I find PHP5, MySQL5 and Apache very stable. The biggest problem you may have with the Dell will not be the computer itself, but bandwidth through your DSL connection to the net. Your upload speed is a LOT lower than your download speed and the service provider may have a monthly bandwidth limit as well.

0
Loganathan NatarajanLAMP DeveloperCommented:
Does PHP have any current hacking issues or considerable weaknesses, for me to abandon it?

>> every programming language has it is own weakness and disadvantages.. we cannot say 100% secure, or hacking free... as those guys said ...it is matter how we do it and secure the data as well as exceptions...

we should have dedicated as well as handling exceptions system to do this project.. at the end I would recommend you can very well use php and develop the site.. make sure you handle all the exceptions..don't allow user to try the possibilities...

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.