Toward a Secure Compiler for Savant

Savant uses PHP for its template markup, but also supports extneral compilers. Unfortunately, the example compiler in the distro is not that secure.

But! Joshua Eichorn has put together a spiffy PHP code analysis tool called PHPCodeAnalyzer. It takes PHP code, runs the PHP tokenizer on it, and reports back what functions, methods, etc. are present in the code. This could serve as a basis for a secure compiler for Savant, which in turn might be the tipping point for RevJim.

(Reverend, if you’re reading, I’d be very happy to hear your comments on this).

Are you stuck with a legacy PHP application? You should buy my book because it gives you a step-by-step guide to improving your codebase, all while keeping it running the whole time.
Share This!Share on Google+Share on FacebookTweet about this on TwitterShare on RedditShare on LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked *