Reputation: 19
ESAPI for PHP nonexistant?
I've been trying to find the PHP version of ESAPI for quite a while now but all I can find is a ton of documentation and interfaces. I couldn't find any functioning code at the repository either. Do any finished classes even exist?
Upvotes: 2
Views: 2911
Answers (3)
Reputation: 169
There is a github repo: https://github.com/OWASP/PHP-ESAPI
(but last changed 9 month ago)
Upvotes: 0
Reputation:
Have you tried OWASP ESAPI for PHP
You can view the implementation in the source code repository at OWASP ESAPI for PHP
Upvotes: 2
Reputation: 398
There is currently a project in the Google Summer of Code to port ESAPI 2 to PHP - also we are always looking for additional contributors to our projects. The current ESAPI4PHP implementation is based off of ESAPI 1.4.x and there are several components that are out of date - however the core components (Output Encoding, Input Validation, Logging, etc) are still applicable and usable - I would recommend using it in the meantime.
You can view the implementation (in addition to the interfaces) in the source code repository at http://code.google.com/p/owasp-esapi-php/source/browse/#svn%2Ftrunk
Upvotes: 1
Related Questions
- Possible RFI detected
- Turning expose_php OFF in php.ini
- The new pecl_http extension for PHP (version 2)
- ECC PHP Library
- Deprecated: Function eregi() is deprecated in C:\wamp\
- OWASP ESAPI encodeForHTML with some allowed formatting tags
- PHP5 ISAPI on Windows 7 (64 bit)
- Fix deprecated eregi function in php?
- PHP, PCI compliance problem: How to?
- Eregi() Deprecated php help?