Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 80
  • Last Modified:

When do you add security to your apps?

When building a new php application do you create the security functions, validation etc at the same time as the functionality, or do you add it once you have the basic of the app working?

I created some very effective security functions, which seem to be slowing down development/testing. Wondering how others deal with this.
0
Stephen Forlance
Asked:
Stephen Forlance
3 Solutions
 
Dave BaldwinFixer of ProblemsCommented:
Security and validation pretty much must be built into the functions.  It is difficult to add it back in.  But just like anti-virus, it will slow things down.  Maybe you're 'overdoing' it.
0
 
Ray PaseurCommented:
You might want to show us the code that is slowing things down.  We might be able to spot the issues.  Please include your test case information, so we can replicate your test environment and see the slowdown in action.

You might consider using the Laravel framework.  It will handle validation and security for you, with state-of-the-art processes that will not slow you down.

If you've created effective security functions, but wonder about performance, you might want to post them on GitHub and ask the open-source community to have a look, fork, send pull requests, etc.
0
 
Scott Fell, EE MVEDeveloperCommented:
I would say it depends.  

I like to add log in from the start because many functions rely on logged in state (at least for what I work on).  But when I am creating a new page that may be more complex, I may create a single page with only my raw server side code.  Once I am happy with my logic, I add a new page and incorporate what I created in my test page.
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now