Points of attack: PHP and Ajax
Itís easy to get caught up in the dynamic potential of Ajax. But with innumerable possibilities also comes increased risk. If security isnít a major concern, it should be.
Consider a registration form built out of PHP. Any aspect of your script that accepts and processes data is a potential point of attack. If you add Ajax, what youíre doing is increasing the complexity of the application and, by extension, introducing greater vulnerability. More points of entry equal a larger attack surface, and that means potential problems for your application.
[ Read more ]