Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Programming/Scripts

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 18th November 2007, 22:04
Karel Karel is offline
Junior Member
 
Join Date: Jun 2007
Posts: 12
Thanks: 0
Thanked 1 Time in 1 Post
 
Question Python web programming security

Hello,

I'm looking for suggestions about Python security. I have a relatively small webserver, providing "VIP" webhosting (read not the usual slow server+PHP+MySQL+unlimited traffic except when you really use it) and I need to have an "administration panel". I didn't go for ISPConfig or anything similar, they are overcomplicated and hard to customize for my (customers') needs (e.g. joining svn, Trac, phpBB, email and ftp logins together). My current panel is a bunch of PHP scripts, it 'works' but is very hard to maintain (adding new features is even harder).

Recently, I read through several Python manuals and it seems to me that the language provides exactly what I need. It has less overhead than Java and is 'nicer' (object-oriented, readable) than PHP/Perl. Now, making the administration interface itself is simple, as are several SQL queries to add e.g. ftp users, but rest of the scripts (I guess 80%) is just checking and sanitizing user input, checking permission (e.g. whether current user can edit this domain emails).

I wasn't able to find any tutorials about preventing SQL injections etc., but I guess there will be a simple function to do that (as I have seen many Python web frameworks). Also, are there any nice tutorials about mod_python sessions? Python seems to have better support for sessions, as you probably can save a whole class instance (I'm not sure about this).

I wonder what should I do...
Reply With Quote
Sponsored Links
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Problems with the virtual email system with postfix, courier,mysql Greg Parker HOWTO-Related Questions 3 3rd January 2007 18:59
get thousands of "Mailsize" mails from own server torusturtle Installation/Configuration 20 24th December 2006 15:51
Virtual Users And Domains With Postfix, Courier And MySQL (mail not relaying) RinoM1 Server Operation 1 12th November 2006 16:31
Default Web Dir fro Installation/Configuration 1 21st October 2006 13:03
Mail using postfix receive but cannot send garfabian Installation/Configuration 17 2nd September 2006 14:55


All times are GMT +2. The time now is 15:08.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.