Friday, April 4, 2008

PHP, Unicode, and Securing Your Code

I ran across a pair of interesting articles this morning.

The first focuses on securely handling string data (in PHP). There is a lot of focus on the "context" of a string as being the grounds for determining when and what encoding should be done. Good idea... but the conclusion is rather banal. Safe string theory for the web.

The second, which is linked from the first, is a basic intro to Unicode. It contains useful information that too few people seem to understand. Man, I wish I'd found this four years ago....

The Absolute Minimum Every Software Developer Absolutely, Positively Must Know About Unicode and Character Sets (No Excuses!)